<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:18:11 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-3487] Exhaust cursors on single threaded drivers may interfere with SDAM monitoring</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-3487</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;When discussing &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-3438&quot; title=&quot;Destroy exhaust cursor socket in mongoc_cursor_destroy regardless of client generation&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-3438&quot;&gt;&lt;del&gt;CDRIVER-3438&lt;/del&gt;&lt;/a&gt;, the following scenario seems like a very possible bug in libmongoc:&lt;/p&gt;

&lt;p&gt;Create an exhaust cursor against server S1. This sets &lt;tt&gt;mongoc_client_t&lt;/tt&gt;&apos;s in_exhaust flag to true. Since S1 expects to stream all documents requested, the socket to S1 can only be read from (and must be closed when done) in &lt;tt&gt;mongoc_cursor_destroy&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;While the &lt;tt&gt;mongoc_client_t&lt;/tt&gt; is still in_exhuast, call &lt;tt&gt;mongoc_client_select_server&lt;/tt&gt;, triggering a topology scan. Since there is no check of &lt;tt&gt;client-&amp;gt;in_exhaust&lt;/tt&gt; in mongoc-async-cmd.c, the scan will attempt to send an isMaster on the &lt;em&gt;same&lt;/em&gt; socket to S1. This will result in an out-of-bound write to the socket. &lt;/p&gt;

&lt;p&gt;Note, I believe this bug would only appear if the user were to call &lt;tt&gt;mongoc_client_select_server&lt;/tt&gt; while the client was in exhaust. Other operations that would otherwise do I/O would check (and correctly error) in the common I/O code path of mongoc-cluster.c.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1098036">CDRIVER-3487</key>
            <summary>Exhaust cursors on single threaded drivers may interfere with SDAM monitoring</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="kevin.albertson@mongodb.com">Kevin Albertson</reporter>
                        <labels>
                    </labels>
                <created>Wed, 15 Jan 2020 21:58:43 +0000</created>
                <updated>Thu, 23 Mar 2023 21:48:12 +0000</updated>
                                                                            <component>libmongoc</component>
                                        <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="1026182">CDRIVER-3438</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr6jkc:0i</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>