-
Type: Bug
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: 3.3.12
-
Component/s: Stability
-
Query Optimization
-
ALL
Currently, almost all commands use BSONElement::numberLong or BSONElement::numberInt to parse user input for fields that expect a number. This results in undefined behavior when the input is outside the range of a valid integer type.
User-facing commands should use BSONElement::safeNumberLong instead. See the geoNear command as an example.
- is depended on by
-
SERVER-25188 Add non-debug UBSan variant for jstestfuzz tasks
- Closed
- is related to
-
SERVER-41024 safeInt32 and safeInt64 IDL types are not safe for all numerical inputs, results in UB
- Closed
-
SERVER-56516 Fix undefined behaviour in parsing code for $slice projectional operator
- Closed
-
SERVER-57118 Unify query operators argument validation
- Backlog
- related to
-
SERVER-12813 Overflow when converting double values in user input to long long values
- Open
-
SERVER-68309 Investigate for unsafe narrowing conversions
- Closed
-
SERVER-68705 Refactor BSONElement API to avoid unsafe implicit type conversion
- Backlog