<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 09:08:57 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[MONGOCRYPT-554] _fle2_finalize is missing calls to bson_destroy in an error case / double-initializing bson_t</title>
                <link>https://jira.mongodb.org/browse/MONGOCRYPT-554</link>
                <project id="17481" key="MONGOCRYPT">Libmongocrypt</project>
                    <description>&lt;p&gt;In &lt;tt&gt;_fle2_finalize&lt;/tt&gt; in &lt;tt&gt;mongocrypt-ctx-encrypt.c&lt;/tt&gt;, there are two potential&#160; memory leak errors that occur:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;The error case on &lt;a href=&quot;https://github.com/mongodb/libmongocrypt/blob/2ec9c3c4ff94f76bb51a5b4cc2fe9190457d6541/src/mongocrypt-ctx-encrypt.c#L1663&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;line 1663 (as of commit &lt;tt&gt;2ec9c3&lt;/tt&gt;)&lt;/a&gt; should &lt;tt&gt;bson_destroy&lt;/tt&gt; the &lt;tt&gt;converted&lt;/tt&gt; and &lt;tt&gt;deleteTokens&lt;/tt&gt; instances but is not currently doing so. (It also looks like the error case should return &lt;tt&gt;_mongocrypt_ctx_fail (ctx)&lt;/tt&gt; instead of &lt;tt&gt;false&lt;/tt&gt; in this case.)&lt;/li&gt;
	&lt;li&gt;&lt;tt&gt;bson_copy_to&lt;/tt&gt; on &lt;a href=&quot;https://github.com/mongodb/libmongocrypt/blob/2ec9c3c4ff94f76bb51a5b4cc2fe9190457d6541/src/mongocrypt-ctx-encrypt.c#L1616-L1617&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;line 1617 (as of commit &lt;tt&gt;2ec9c3&lt;/tt&gt;)&lt;/a&gt; requires that the destination argument is an uninitialized bson_t (&lt;a href=&quot;http://mongoc.org/libbson/current/bson_copy_to.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;documentation&lt;/a&gt;) but line 1616 calls &lt;tt&gt;bson_init&lt;/tt&gt; on the destination &lt;tt&gt;converted&lt;/tt&gt;.&lt;/li&gt;
&lt;/ol&gt;


&lt;p&gt;&#8212;&lt;/p&gt;

&lt;p&gt;To reproduce, use&lt;/p&gt;
&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: #ff1493; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;mkdir&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt; cmake-build &amp;amp;&amp;amp; &lt;/span&gt;&lt;span style=&quot;color: #ff1493; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;cd&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt; cmake-build&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;cmake ../&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: #ff1493; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;make&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;valgrind --leak-check=full .&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;/test-mongocrypt&lt;/span&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt; &lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;</description>
                <environment></environment>
        <key id="2285179">MONGOCRYPT-554</key>
            <summary>_fle2_finalize is missing calls to bson_destroy in an error case / double-initializing bson_t</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="10300" iconUrl="https://jira.mongodb.org/images/icons/priorities/medium.svg">Unknown</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="kevin.albertson@mongodb.com">Kevin Albertson</assignee>
                                    <reporter username="zachary.espiritu@mongodb.com">Zachary Espiritu</reporter>
                        <labels>
                    </labels>
                <created>Thu, 9 Mar 2023 19:40:14 +0000</created>
                <updated>Sat, 28 Oct 2023 10:25:58 +0000</updated>
                            <resolved>Tue, 14 Mar 2023 20:25:45 +0000</resolved>
                                                    <fixVersion>1.7.3</fixVersion>
                                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="5286642" author="xgen-internal-githook" created="Mon, 20 Mar 2023 22:36:03 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Kevin Albertson&apos;, &apos;email&apos;: &apos;kevin.albertson@mongodb.com&apos;, &apos;username&apos;: &apos;kevinAlbs&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-554&quot; title=&quot;_fle2_finalize is missing calls to bson_destroy in an error case / double-initializing bson_t&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-554&quot;&gt;&lt;del&gt;MONGOCRYPT-554&lt;/del&gt;&lt;/a&gt; fix cleanup in `_fle2_finalize` error case (#595)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;add missing destroy and context fail on error&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;remove unnecessary `bson_init`&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;`bson_copy_to` initializes the destination&lt;br/&gt;
Branch: shreyaskalyan/&lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-539&quot; title=&quot;Add unit test for the PayloadV2 parse &amp;amp; serialization interface&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-539&quot;&gt;&lt;del&gt;MONGOCRYPT-539&lt;/del&gt;&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/c89c984e0d1b2cf4b8735433d060f664a5535a36&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/c89c984e0d1b2cf4b8735433d060f664a5535a36&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5272520" author="xgen-internal-githook" created="Tue, 14 Mar 2023 20:26:36 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Kevin Albertson&apos;, &apos;email&apos;: &apos;kevin.albertson@mongodb.com&apos;, &apos;username&apos;: &apos;kevinAlbs&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-554&quot; title=&quot;_fle2_finalize is missing calls to bson_destroy in an error case / double-initializing bson_t&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-554&quot;&gt;&lt;del&gt;MONGOCRYPT-554&lt;/del&gt;&lt;/a&gt; fix cleanup in `_fle2_finalize` error case (#595)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;add missing destroy and context fail on error&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;remove unnecessary `bson_init`&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;`bson_copy_to` initializes the destination&lt;br/&gt;
Branch: r1.7&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/0caa1d3249d85050d0e3422d602e630aca574e0b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/0caa1d3249d85050d0e3422d602e630aca574e0b&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5272515" author="xgen-internal-githook" created="Tue, 14 Mar 2023 20:25:31 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Kevin Albertson&apos;, &apos;email&apos;: &apos;kevin.albertson@mongodb.com&apos;, &apos;username&apos;: &apos;kevinAlbs&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/MONGOCRYPT-554&quot; title=&quot;_fle2_finalize is missing calls to bson_destroy in an error case / double-initializing bson_t&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MONGOCRYPT-554&quot;&gt;&lt;del&gt;MONGOCRYPT-554&lt;/del&gt;&lt;/a&gt; fix cleanup in `_fle2_finalize` error case (#595)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;add missing destroy and context fail on error&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;remove unnecessary `bson_init`&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;`bson_copy_to` initializes the destination&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libmongocrypt/commit/c89c984e0d1b2cf4b8735433d060f664a5535a36&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libmongocrypt/commit/c89c984e0d1b2cf4b8735433d060f664a5535a36&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5271352" author="kevin.albertson" created="Tue, 14 Mar 2023 15:31:16 +0000"  >&lt;p&gt;Thank you for the report.&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;In &lt;tt&gt;_fle2_finalize&lt;/tt&gt; in &lt;tt&gt;mongocrypt-ctx-encrypt.c&lt;/tt&gt;, there are two potential&#160; memory leak errors that occur:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;The error case on &lt;a href=&quot;https://github.com/mongodb/libmongocrypt/blob/2ec9c3c4ff94f76bb51a5b4cc2fe9190457d6541/src/mongocrypt-ctx-encrypt.c#L1663&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;line 1663 (as of commit &lt;tt&gt;2ec9c3&lt;/tt&gt;)&lt;/a&gt; should &lt;tt&gt;bson_destroy&lt;/tt&gt; the &lt;tt&gt;converted&lt;/tt&gt; and &lt;tt&gt;deleteTokens&lt;/tt&gt; instances but is not currently doing so. (It also looks like the error case should return &lt;tt&gt;_mongocrypt_ctx_fail (ctx)&lt;/tt&gt; instead of &lt;tt&gt;false&lt;/tt&gt; in this case.)&lt;/li&gt;
&lt;/ol&gt;
&lt;/blockquote&gt;

&lt;p&gt;Good catch. The error path does not appear to be exercised by tests.&lt;/p&gt;

&lt;blockquote&gt;
&lt;ol&gt;
	&lt;li&gt;&lt;tt&gt;bson_copy_to&lt;/tt&gt; on &lt;a href=&quot;https://github.com/mongodb/libmongocrypt/blob/2ec9c3c4ff94f76bb51a5b4cc2fe9190457d6541/src/mongocrypt-ctx-encrypt.c#L1616-L1617&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;line 1617 (as of commit &lt;tt&gt;2ec9c3&lt;/tt&gt;)&lt;/a&gt; requires that the destination argument is an uninitialized bson_t (&lt;a href=&quot;http://mongoc.org/libbson/current/bson_copy_to.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;documentation&lt;/a&gt;) but line 1616 calls &lt;tt&gt;bson_init&lt;/tt&gt; on the destination &lt;tt&gt;converted&lt;/tt&gt;.&lt;/li&gt;
&lt;/ol&gt;
&lt;/blockquote&gt;

&lt;p&gt;Was this discovered by building the C driver with &lt;tt&gt;-DBSON_MEMCHECK&lt;/tt&gt;? If yes, the C driver (and libmongocrypt) no longer test building with &lt;tt&gt;-DBSON_MEMCHECK&lt;/tt&gt;. Testing with &lt;tt&gt;BSON_MEMCHECK&lt;/tt&gt; was removed in &lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/d9fa2a361d859f0f0d17ca264af868119c18c188&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;this commit&lt;/a&gt;. Documented use of &lt;tt&gt;BSON_MEMCHECK&lt;/tt&gt; was removed in &lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/c796edd584d7e49bbe165dc1a25e8f7a344009ce#diff-4e021c20874a2dccd032570393c69e5c6bbaddbdd18469d71840670a38d0351b&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;this commit&lt;/a&gt;. We do not intend to the check with &lt;tt&gt;BSON_MEMCHECK&lt;/tt&gt;. &lt;tt&gt;BSON_MEMCHECK&lt;/tt&gt; added development difficulty (breaking ABI of &lt;tt&gt;bson_t&lt;/tt&gt;) and rarely discovered legitimate leaks.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                <customfield id="customfield_21957" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Binding Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="22966"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr6i7r:f0wf</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                </customfields>
    </item>
</channel>
</rss>