<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:15:31 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-2533] Double free in Kerberos auth logic</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-2533</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;Several paths through _mongoc_cluster_auth_node_cyrus result in mongoc_cmd_parts_cleanup twice on the same mongoc_cmd_parts_t struct.&lt;/p&gt;

&lt;p&gt;Introduced in:&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/04127a0dab4683fcd27872dfcde0314bd76f8ea5&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/04127a0dab4683fcd27872dfcde0314bd76f8ea5&lt;/a&gt;&lt;/p&gt;</description>
                <environment></environment>
        <key id="506801">CDRIVER-2533</key>
            <summary>Double free in Kerberos auth logic</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="jesse@mongodb.com">A. Jesse Jiryu Davis</assignee>
                                    <reporter username="jesse@mongodb.com">A. Jesse Jiryu Davis</reporter>
                        <labels>
                    </labels>
                <created>Wed, 7 Mar 2018 02:53:21 +0000</created>
                <updated>Sat, 28 Oct 2023 11:30:04 +0000</updated>
                            <resolved>Mon, 12 Mar 2018 11:07:43 +0000</resolved>
                                    <version>1.8.0</version>
                                    <fixVersion>1.10.0</fixVersion>
                                    <component>auth</component>
                    <component>libmongoc</component>
                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="1830494" author="xgen-internal-githook" created="Mon, 12 Mar 2018 11:09:47 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;email&apos;: &apos;jesse@mongodb.com&apos;, &apos;name&apos;: &apos;A. Jesse Jiryu Davis&apos;, &apos;username&apos;: &apos;ajdavis&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-2533&quot; title=&quot;Double free in Kerberos auth logic&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-2533&quot;&gt;&lt;del&gt;CDRIVER-2533&lt;/del&gt;&lt;/a&gt; double free in cyrus sasl code&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/e948f1ac40cadf42404d75f9eb188dbe47d6f4e5&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/e948f1ac40cadf42404d75f9eb188dbe47d6f4e5&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1825940" author="jesse" created="Wed, 7 Mar 2018 15:13:13 +0000"  >&lt;p&gt;Doesn&apos;t crash, so long as the bson_t&apos;s in the mongoc_cmd_parts_t struct haven&apos;t spilled to heap. Calling bson_destroy() twice on these bson_t&apos;s does nothing. But if they ever did spill to heap, for example if a read preference or some other configuration exceeds 120 bytes, then Kerberos authentication would cause a crash. Caught via the BSON_MEMCHECK flag.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="507097">CDRIVER-2535</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htj9zz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>