<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:08:35 UTC 2024

-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-147] When calling API mongo_get_primary if mongo-&gt;primary has not been initialized results in memory overrun</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-147</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;primary pointer is allocated here:&lt;/p&gt;

&lt;p&gt;MONGO_EXPORT void mongo_replset_init( mongo *conn, const char *name ) {&lt;br/&gt;
    mongo_init( conn );&lt;/p&gt;

&lt;p&gt;    conn-&amp;gt;replset = bson_malloc( sizeof( mongo_replset ) );&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;primary_connected = 0;&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;seeds = NULL;&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;hosts = NULL;&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;name = ( char * )bson_malloc( strlen( name ) + 1 );&lt;br/&gt;
    memcpy( conn-&amp;gt;replset-&amp;gt;name, name, strlen( name ) + 1  );&lt;/p&gt;

&lt;p&gt;    conn-&amp;gt;primary = bson_malloc( sizeof( mongo_host_port ) );    &lt;br/&gt;
}&lt;/p&gt;

&lt;p&gt;As you can see, the structure is not initialized in any shape or form.&lt;br/&gt;
If a call to mongo_get_primary is performed right after this, a fatal memory overrun will occur at the driver level and the only solution for this is shutting down the application using the driver and starting it again.&lt;/p&gt;

&lt;p&gt;I solved the problem by adding the following code after the malloc of primary:&lt;/p&gt;

&lt;p&gt;    /* JSB */&lt;br/&gt;
    conn-&amp;gt;primary-&amp;gt;host&amp;#91;0&amp;#93; = (char)NULL;&lt;br/&gt;
    conn-&amp;gt;primary-&amp;gt;next = NULL;&lt;/p&gt;

&lt;p&gt;And changing the following function to be aware of NULL value on the first char of host array.&lt;/p&gt;

&lt;p&gt;MONGO_EXPORT const char* mongo_get_primary(mongo* conn) {&lt;br/&gt;
    mongo* conn_ = (mongo*)conn;&lt;br/&gt;
    /* JSB */&lt;br/&gt;
    if (conn_-&amp;gt;primary-&amp;gt;host&amp;#91;0&amp;#93;)&lt;br/&gt;
      return _get_host_port(conn_-&amp;gt;primary); &lt;br/&gt;
    else return NULL;&lt;br/&gt;
}&lt;/p&gt;</description>
                <environment>Visual C++</environment>
        <key id="40227">CDRIVER-147</key>
            <summary>When calling API mongo_get_primary if mongo-&gt;primary has not been initialized results in memory overrun</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="kbanker">Kyle Banker</assignee>
                                    <reporter username="k2xt">Jose Sebastian Battig</reporter>
                        <labels>
                            <label>driver</label>
                    </labels>
                <created>Sat, 2 Jun 2012 02:04:13 +0000</created>
                <updated>Wed, 19 Oct 2016 14:14:52 +0000</updated>
                            <resolved>Sun, 3 Jun 2012 13:28:45 +0000</resolved>
                                    <version>TBD</version>
                                    <fixVersion>0.6</fixVersion>
                                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="148406" author="auto" created="Sat, 28 Jul 2012 04:20:43 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;date&apos;: u&apos;2012-07-27T21:20:24-07:00&apos;, u&apos;email&apos;: u&apos;gary.murakami@10gen.com&apos;, u&apos;name&apos;: u&apos;Gary Murakami&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-147&quot; title=&quot;When calling API mongo_get_primary if mongo-&amp;gt;primary has not been initialized results in memory overrun&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-147&quot;&gt;&lt;del&gt;CDRIVER-147&lt;/del&gt;&lt;/a&gt; When calling API mongo_get_primary if mongo-&amp;gt;primary has not been initialized results in memory overrun&lt;br/&gt;
fix as per comment from Asya - thanks!&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/226a3d2aa12f586f37f4dcd317a3c186f96976bc&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/226a3d2aa12f586f37f4dcd317a3c186f96976bc&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="136098" author="k2xt" created="Sun, 24 Jun 2012 20:26:57 +0000"  >&lt;p&gt;Asya&apos;s comments are correct. Actually, the version on Git right now is wrong.&lt;/p&gt;</comment>
                            <comment id="125489" author="auto" created="Sun, 3 Jun 2012 13:22:14 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;login&apos;: u&apos;banker&apos;, u&apos;name&apos;: u&apos;Kyle Banker&apos;, u&apos;email&apos;: u&apos;kylebanker@gmail.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-147&quot; title=&quot;When calling API mongo_get_primary if mongo-&amp;gt;primary has not been initialized results in memory overrun&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-147&quot;&gt;&lt;del&gt;CDRIVER-147&lt;/del&gt;&lt;/a&gt; initialize conn-&amp;gt;primary in mongo_replset_init&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/b4de4ebb9803da1fd7feb5690c97262c0956da2e&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/b4de4ebb9803da1fd7feb5690c97262c0956da2e&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="125325" author="k2xt" created="Sat, 2 Jun 2012 02:05:09 +0000"  >&lt;p&gt;I set the priority of this report to Major because, when this bug becomes evident, the application which loaded the driver becomes unusable because of the memory overrun.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="42240">CDRIVER-152</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10012"><![CDATA[Major Change]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>