-
Type: Bug
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: 3.4.0, 3.6.0, 4.0.0, 4.2.0
-
Component/s: Replication
-
None
-
Fully Compatible
-
ALL
-
v4.2, v4.0, v3.6, v3.4
-
Execution Team 2019-10-21
OplogInterfaceLocal::next() returns an unowned BSONObj. This is problematic because callers in RollBackLocalOperations::onRemoteOperation() save the resulting object and call next() several times without taking ownership first. This results in a bugs where an unowned BSONObj can point to freed or overwritten memory.