[SERVER-75831] Coverity analysis defect 137537: Wrapper object use after free Created: 07/Apr/23  Updated: 08/Apr/23  Resolved: 08/Apr/23

Status: Closed
Project: Core Server
Component/s: Internal Code
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Coverity Collector User Assignee: [DO NOT USE] Backlog - Server Serverless (Inactive)
Resolution: Duplicate Votes: 0
Labels: coverity
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File Screenshot 2023-04-07 at 9.57.25 AM.png    
Issue Links:
Duplicate
duplicates SERVER-70379 Coverity analysis defect 128813: Wrap... Closed
Problem/Incident
is caused by SERVER-72199 Handle initial sync, resync and uncl... Closed
Assigned Teams:
Serverless
Operating System: ALL
Participants:

 Description   

Wrapper object use after free
src/mongo/db/repl/tenant_file_importer_service.cpp

A use after free bug would occur if the internal pointer is used. An internal pointer of a wrapper object remains available after the object is freed
/src/mongo/db/repl/tenant_file_importer_service.cpp:214: WRAPPER_ESCAPE 137537 Calling "get" which extracts wrapped state from local "uniqueOpCtx".
/src/mongo/db/repl/tenant_file_importer_service.cpp:214: WRAPPER_ESCAPE 137537 Assigning: "opCtx" = "uniqueOpCtx.get()".
/src/mongo/db/repl/tenant_file_importer_service.cpp:229: WRAPPER_ESCAPE 137537 The internal representation of local "uniqueOpCtx" escapes into "this->_opCtx", but is destroyed when it exits scope.


Generated at Thu Feb 08 06:31:10 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.