C Driver / CDRIVER-3488

Use-after-free after popping a session from a client that has been reset

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 1.16.0
    • Affects Version/s: 1.15.3
    • Component/s: None
    • None

      Situation:

      • mongoc_client_reset is called on a mongoc_client_t
      • an operation is performed on the client that requires popping a session from the session pool. This would be most operations against a 3.6+ server.

      Since _mongoc_topology_clear_session_pool does not NULL out topology->session_pool, the next attempt to pop a session results in a use-after-free when accessing topology->session_pool.
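
      The failure mode described above, as an added example that is not libmongoc's code: a simplified singly linked session pool showing a clear routine that frees the nodes without resetting the head, next to the corrected form. All type and function names here are hypothetical, and the buggy routine is defined for comparison but never called.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of a session pool; names are hypothetical. */
typedef struct session { int id; struct session *next; } session_t;
typedef struct { session_t *session_pool; } topology_t;

/* Return a session to the pool by pushing it on the list head. */
void pool_push(topology_t *t, int id) {
    session_t *s = malloc(sizeof *s);
    if (!s) abort();
    s->id = id;
    s->next = t->session_pool;
    t->session_pool = s;
}

/* Pattern from the report: nodes freed, head left dangling. Not called. */
void pool_clear_buggy(topology_t *t) {
    session_t *next;
    for (session_t *s = t->session_pool; s; s = next) { next = s->next; free(s); }
    /* missing: t->session_pool = NULL; */
}

/* Corrected pattern: free every node, then reset the head. */
void pool_clear_fixed(topology_t *t) {
    session_t *next;
    for (session_t *s = t->session_pool; s; s = next) { next = s->next; free(s); }
    t->session_pool = NULL;
}

/* Pop a pooled session id; -1 means "pool empty, create a new session". */
int pool_pop(topology_t *t) {
    session_t *s = t->session_pool;
    if (!s) return -1;          /* only reliable if clear reset the head */
    int id = s->id;             /* after pool_clear_buggy: read of freed memory */
    t->session_pool = s->next;
    free(s);                    /* after pool_clear_buggy: double free */
    return id;
}

/* The reset-then-pop sequence from the report, with the corrected clear. */
int reset_then_pop(void) {
    topology_t t = { NULL };
    pool_push(&t, 1); pool_push(&t, 2);
    pool_clear_fixed(&t);
    return pool_pop(&t);
}

int main(void) { printf("pop after reset: %d\n", reset_then_pop()); return 0; }
```

      Building a variant that calls pool_clear_buggy with -fsanitize=address makes the stale head visible as a heap-use-after-free report at the first pool_pop.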

            Assignee:
            kevin.albertson@mongodb.com Kevin Albertson
            Reporter:
            kevin.albertson@mongodb.com Kevin Albertson