[SERVER-61904] Coverity analysis defect 121223: Wrapper object use after free Created: 03/Dec/21  Updated: 29/Oct/23  Resolved: 16/Dec/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.3.0

Type: Bug Priority: Major - P3
Reporter: Coverity Collector User Assignee: Dan Larkin-York
Resolution: Fixed Votes: 0
Labels: coverity
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Execution Team 2021-12-27
Participants:

 Description   

Wrapper object use after free

A use after free bug would occur if the internal pointer is used. An internal pointer of a wrapper object remains available after the object is freed
/src/mongo/db/timeseries/bucket_compression.cpp:279: WRAPPER_ESCAPE 121223 Calling "get" which extracts wrapped state from local "tamperedData".
/src/mongo/db/timeseries/bucket_compression.cpp:281: WRAPPER_ESCAPE 121223 The internal representation of local "tamperedData" escapes into "measurements.front().timeField", but is destroyed when it exits scope.



 Comments   
Comment by Githook User [ 16/Dec/21 ]

Author:

{'name': 'Dan Larkin-York', 'email': 'dan.larkin-york@mongodb.com', 'username': 'dhly-etc'}

Message: SERVER-61904 Fix use-after-free warning in BSONColumn compression
Branch: master
https://github.com/mongodb/mongo/commit/39b8eaf66ae3c8b2cccd7f81b643f55ce789362f

Generated at Thu Feb 08 05:53:37 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.