<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:18:30 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-3592] check new buffer allocated size just before reallocating</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-3592</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;One of the assertions at the start of &lt;tt&gt;_mongoc_buffer_append&lt;/tt&gt; is as follows:&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;   BSON_ASSERT ((buffer-&amp;gt;datalen + data_size) &amp;lt; INT_MAX);&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;
&lt;p&gt;The check of &lt;tt&gt;(buffer-&amp;gt;datalen + data_size)&lt;/tt&gt; is in the wrong place.  Logically, it ensures that the allocated size of the buffer (not the actual utilized storage within the allocation) can be increased without overflowing &lt;tt&gt;INT_MAX&lt;/tt&gt;.  This check is only needed just before a reallocation of the buffer into a larger memory area.&lt;/p&gt;

&lt;p&gt;The check in its current place at the entry to the function is incorrect because upon entering the function after a reallocation of the buffer to a size of &lt;tt&gt;INT_MAX&lt;/tt&gt; the assertion will fail, even when the actual buffer contents only occupy slightly more than &lt;tt&gt;INT_MAX/2&lt;/tt&gt;.&lt;/p&gt;

&lt;p&gt;Other append functions nearby to &lt;tt&gt;_mongoc_buffer_append&lt;/tt&gt; contain the same logic defect.&lt;/p&gt;

&lt;p&gt;The correct behavior is for the assertion to occur immediately preceding the call to &lt;tt&gt;bson_next_power_of_two&lt;/tt&gt;.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1291157">CDRIVER-3592</key>
            <summary>check new buffer allocated size just before reallocating</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="roberto.sanchez@mongodb.com">Roberto Sanchez</assignee>
                                    <reporter username="roberto.sanchez@mongodb.com">Roberto Sanchez</reporter>
                        <labels>
                    </labels>
                <created>Wed, 25 Mar 2020 20:38:18 +0000</created>
                <updated>Sat, 28 Oct 2023 11:28:50 +0000</updated>
                            <resolved>Mon, 30 Mar 2020 16:26:07 +0000</resolved>
                                                    <fixVersion>1.17.0-beta</fixVersion>
                    <fixVersion>1.17.0</fixVersion>
                                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="3013177" author="xgen-internal-githook" created="Mon, 30 Mar 2020 16:25:35 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Roberto C. S&#225;nchez&apos;, &apos;email&apos;: &apos;roberto@connexer.com&apos;, &apos;username&apos;: &apos;rcsanchez97&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-3592&quot; title=&quot;check new buffer allocated size just before reallocating&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-3592&quot;&gt;&lt;del&gt;CDRIVER-3592&lt;/del&gt;&lt;/a&gt; check new buffer allocated size just before reallocating&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/9449e3a4723bc645324ed0331e9eab1fb7ea2e15&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/9449e3a4723bc645324ed0331e9eab1fb7ea2e15&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hwz1qf:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>