Libmongocrypt / MONGOCRYPT-243

libmongocrypt segfaults if a handle is used without init being called on it

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Major - P3
    • Affects Version/s: None
    • Component/s: None

The program at https://github.com/p-mongo/tests/blob/master/lmc-empty-bson/test-handle-not-inited.c calls mongocrypt_new and then, without calling mongocrypt_init, it calls mongocrypt_ctx_new and mongocrypt_ctx_decrypt_init. This results in a segfault on my system:

    speed% ./test-handle-not-inited 
    zsh: segmentation fault  ./test-handle-not-inited

For reasons described in https://jira.mongodb.org/browse/MONGOCRYPT-241, libmongocrypt segfaulting makes the errors (even if they are originating in libmongocrypt consumers rather than libmongocrypt itself) difficult to debug, and potentially can produce DOS on applications.

I believe libmongocrypt should be performing more runtime checks on its data structures, such that it can fail with ordinary errors in cases of misuse rather than cause termination of the process into which it is loaded.
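The kind of runtime check the report asks for, shown as an added example in C that is not libmongocrypt code: a hypothetical handle type (all `demo_*` names and the `kms.example.invalid` value are invented for this illustration) records whether init has been called, and the context constructor refuses to proceed on an uninitialized handle, returning NULL and an error message instead of dereferencing fields that init never populated. The last two functions replay the report's call order (new, skip init, create a context) against the checked handle and against a correctly initialized one.

```c
/* Added example, not libmongocrypt code: a hypothetical handle that tracks
 * its own lifecycle state so that misuse fails with an error, not a crash.
 * All names here are invented for the illustration. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef enum {
    DEMO_STATE_NEW = 0,    /* allocated, init not yet called */
    DEMO_STATE_INITED = 1  /* init succeeded, contexts may be created */
} demo_state_t;

typedef struct {
    demo_state_t state;
    char *kms_endpoint;    /* stands in for configuration populated by init */
    char last_error[128];
} demo_crypt_t;

typedef struct {
    demo_crypt_t *parent;
} demo_ctx_t;

static void demo_set_error(demo_crypt_t *c, const char *msg) {
    snprintf(c->last_error, sizeof c->last_error, "%s", msg);
}

/* Portable strdup replacement so the example builds in strict C99. */
static char *demo_strdup(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

demo_crypt_t *demo_crypt_new(void) {
    demo_crypt_t *c = calloc(1, sizeof *c);  /* zeroed: state == NEW, endpoint NULL */
    return c;
}

bool demo_crypt_init(demo_crypt_t *c) {
    if (!c) return false;
    c->kms_endpoint = demo_strdup("kms.example.invalid");  /* constructed value */
    if (!c->kms_endpoint) { demo_set_error(c, "out of memory"); return false; }
    c->state = DEMO_STATE_INITED;
    return true;
}

/* The guard: a handle that has not completed init cannot hand out contexts.
 * Without it, later code would read the still-NULL endpoint and crash. */
demo_ctx_t *demo_ctx_new(demo_crypt_t *c) {
    if (!c) return NULL;
    if (c->state != DEMO_STATE_INITED) {
        demo_set_error(c, "handle not initialized: call demo_crypt_init first");
        return NULL;
    }
    demo_ctx_t *ctx = calloc(1, sizeof *ctx);
    if (ctx) ctx->parent = c;
    return ctx;
}

const char *demo_crypt_status(const demo_crypt_t *c) {
    return c ? c->last_error : "null handle";
}

void demo_ctx_destroy(demo_ctx_t *ctx) { free(ctx); }

void demo_crypt_destroy(demo_crypt_t *c) {
    if (!c) return;
    free(c->kms_endpoint);
    free(c);
}

/* Replays the report's call order (new, no init, ctx_new).
 * Returns 1 when the misuse is reported as an error rather than crashing. */
int demo_misuse_is_reported(void) {
    demo_crypt_t *c = demo_crypt_new();
    demo_ctx_t *ctx = demo_ctx_new(c);  /* init deliberately skipped */
    int reported = (ctx == NULL) &&
                   strstr(demo_crypt_status(c), "not initialized") != NULL;
    demo_ctx_destroy(ctx);
    demo_crypt_destroy(c);
    return reported;
}

/* The correct sequence still works: returns 1 when a context is produced. */
int demo_correct_use_works(void) {
    demo_crypt_t *c = demo_crypt_new();
    demo_ctx_t *ctx = demo_crypt_init(c) ? demo_ctx_new(c) : NULL;
    int works = ctx != NULL && ctx->parent == c;
    demo_ctx_destroy(ctx);
    demo_crypt_destroy(c);
    return works;
}

int main(void) {
    printf("misuse reported: %d\ncorrect use works: %d\n",
           demo_misuse_is_reported(), demo_correct_use_works());
    return 0;
}
```

The state field costs one integer per handle and one comparison per entry point, and it converts the two outcomes the report contrasts (process termination versus an ordinary error the caller can log and handle) into a checkable return value.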

Assignee: Unassigned
Reporter: Oleg Pudeyev (oleg.pudeyev@mongodb.com) (Inactive)
Votes: 0
Watchers: 2