Operational Defect Database

BugZero found this defect 2506 days ago.

MongoDB | 374736

[SERVER-28826] Limit parsing in cluster geoNear performs unsafe conversion to int

Last update date:

10/12/2017

Affected products:

MongoDB Server

Affected releases:

No affected releases provided.

Fixed releases:

3.5.7

Description:

Info

Limit parsing in cluster geoNear calls BSONElement::numberInt() here. This can result in undefined behavior, since all that is known about the BSONElement is that it is a number. Instead we should call BSONElement::safeNumberLong(), like in geoNear limit parsing in mongod here.

Top User Comments

xgen-internal-githook commented on Mon, 17 Apr 2017 22:06:11 +0000: Author: {u'username': u'tessavitabile', u'name': u'Tess Avitabile', u'email': u'tess.avitabile@mongodb.com'} Message: SERVER-28826 Limit parsing in cluster geoNear should not perform unsafe conversion to int Branch: master https://github.com/mongodb/mongo/commit/4d2c6318608c22869b0655058431b37741822263

Additional Resources / Links

Share:

BugZero Risk Score

Coming soon

Status

Closed

Have you been affected by this bug?

cost-cta-background

Do you know how much operational outages are costing you?

Understand the cost to your business and how BugZero can help you reduce those costs.

Discussion

Login to read and write comments.

Have you ever...

had your data corrupted from a

VMware

bug?

Search:

...