<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:08:36 UTC 2024

-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>
    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-152] When calling API mongo_get_primary if mongo-&gt;primary has not been initialized results on memory overrun (REOPENING)</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-152</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;primary pointer is allocated here:&lt;/p&gt;

&lt;p&gt;MONGO_EXPORT void mongo_replset_init( mongo *conn, const char *name ) {&lt;br/&gt;
    mongo_init( conn );&lt;/p&gt;

&lt;p&gt;    conn-&amp;gt;replset = bson_malloc( sizeof( mongo_replset ) );&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;primary_connected = 0;&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;seeds = NULL;&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;hosts = NULL;&lt;br/&gt;
    conn-&amp;gt;replset-&amp;gt;name = ( char * )bson_malloc( strlen( name ) + 1 );&lt;br/&gt;
    memcpy( conn-&amp;gt;replset-&amp;gt;name, name, strlen( name ) + 1  );&lt;/p&gt;

&lt;p&gt;    conn-&amp;gt;primary = bson_malloc( sizeof( mongo_host_port ) );    &lt;br/&gt;
}&lt;/p&gt;

&lt;p&gt;As you can see, the structure is not initialized in any shape or form.&lt;br/&gt;
If a call to mongo_get_primary is performed right after this, a fatal memory overrun will occur at the driver level and the only solution for this is shutting down the application using the driver and starting it again.&lt;/p&gt;

&lt;p&gt;I solved the problem by adding the following code after the malloc of primary:&lt;/p&gt;

&lt;p&gt;    /* JSB */&lt;br/&gt;
    conn-&amp;gt;primary-&amp;gt;host[0] = &apos;\0&apos;;&lt;br/&gt;
    conn-&amp;gt;primary-&amp;gt;next = NULL;&lt;/p&gt;

&lt;p&gt;And changing the following function to be aware of NULL value on the first char of host array.&lt;/p&gt;

&lt;p&gt;MONGO_EXPORT const char* mongo_get_primary(mongo* conn) {&lt;br/&gt;
    mongo* conn_ = (mongo*)conn;&lt;br/&gt;
    /* JSB */&lt;br/&gt;
    if (conn_-&amp;gt;primary-&amp;gt;host[0])&lt;br/&gt;
      return _get_host_port(conn_-&amp;gt;primary);&lt;br/&gt;
    else return NULL;&lt;br/&gt;
}&lt;/p&gt;</description>
                <environment>Visual C++</environment>
        <key id="42240">CDRIVER-152</key>
            <summary>When calling API mongo_get_primary if mongo-&gt;primary has not been initialized results on memory overrun (REOPENING)</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="3">Duplicate</resolution>
                                        <assignee username="gjmurakami">Gary Murakami</assignee>
                                    <reporter username="k2xt">Jose Sebastian Battig</reporter>
                        <labels>
                            <label>driver</label>
                    </labels>
                <created>Sun, 24 Jun 2012 20:27:41 +0000</created>
                <updated>Wed, 19 Oct 2016 14:14:53 +0000</updated>
                            <resolved>Sat, 28 Jul 2012 04:26:41 +0000</resolved>
                                    <version>TBD</version>
                                    <fixVersion>0.6</fixVersion>
                    <fixVersion>0.7</fixVersion>
                                                        <votes>0</votes>
                                    <watches>0</watches>
                                                                                                                <comments>
                            <comment id="148407" author="gjmurakami" created="Sat, 28 Jul 2012 04:26:41 +0000"  >&lt;p&gt;Fixed in &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-147&quot; title=&quot;When calling API mongo_get_primary if mongo-&amp;gt;primary has not been initalized results on memory overun&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-147&quot;&gt;&lt;del&gt;CDRIVER-147&lt;/del&gt;&lt;/a&gt; - When calling API mongo_get_primary if mongo-&amp;gt;primary has not been initalized results on memory overun&lt;br/&gt;
The commit probably should have been on this issue, but that&apos;s now history, and it is fixed thanks to Asya.&lt;/p&gt;</comment>
                            <comment id="136099" author="k2xt" created="Sun, 24 Jun 2012 20:28:36 +0000"  >&lt;p&gt;I have re-opened this issue because the problem is indeed not solved.&lt;br/&gt;
The way the code was written it&apos;s checking for the pointer to the string value, not the value of the first character of the pointed string.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                            <outwardlinks description="duplicates">
                                        <issuelink>
            <issuekey id="40227">CDRIVER-147</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10012"><![CDATA[Major Change]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>