MongoDB Database Tools / TOOLS-187

Bad bson dump can cause a seg fault on mongod when doing restore

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • 2.8.0-rc4
    • Affects Version/s: Legacy C++ Implementation
    • Component/s: mongorestore
    • None
    • Environment:
      mongod git hash 4aaed4ccfb608db56a269e0422f6d48385c28445

      Running a mongorestore on bad_user.bson will crash the server with the stack trace:

      Sat Aug  4 15:25:12 Got signal: 11 (Segmentation fault: 11).
      Sat Aug  4 15:25:12 Backtrace:
      0x10a991b2b 0x10a654031 0x10a653ee2 0x7fff8bd39cfa 0x7fa8fb6005c0 0x10a6e9701 0x10a6ef3ef 0x10a65d582 0x10aaedbdd 0x10a7ff8e5 0x7fff8bce58bf 0x7fff8bce8b75 
       0   mongod                              0x000000010a991b2b _ZN5mongo15printStackTraceERSo + 43
       1   mongod                              0x000000010a654031 _ZN5mongo10abruptQuitEi + 225
       2   mongod                              0x000000010a653ee2 _ZN5mongo24abruptQuitWithAddrSignalEiP9__siginfoPv + 242
       3   libsystem_c.dylib                   0x00007fff8bd39cfa _sigtramp + 26
       4   ???                                 0x00007fa8fb6005c0 0x0 + 140363748607424
       5   mongod                              0x000000010a6e9701 _ZN5mongo14receivedInsertERNS_7MessageERNS_5CurOpE + 977
       6   mongod                              0x000000010a6ef3ef _ZN5mongo16assembleResponseERNS_7MessageERNS_10DbResponseERKNS_11HostAndPortE + 6479
       7   mongod                              0x000000010a65d582 _ZN5mongo16MyMessageHandler7processERNS_7MessageEPNS_21AbstractMessagingPortEPNS_9LastErrorE + 206
       8   mongod                              0x000000010aaedbdd _ZN5mongo3pms9threadRunEPNS_13MessagingPortE + 1645
       9   mongod                              0x000000010a7ff8e5 thread_proxy + 229
       10  libsystem_c.dylib                   0x00007fff8bce58bf _pthread_start + 335
       11  libsystem_c.dylib                   0x00007fff8bce8b75 thread_start + 13

        1. user.bson (400 kB)
        2. fuzzer.py (1 kB)
        3. bad_user.bson (400 kB)

            mikeo@mongodb.com Michael O'Brien
            randolph@mongodb.com Randolph Tan
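
A framing check that can be run over a `.bson` dump before it is handed to mongorestore, added here as an example (it is not code from the ticket, its attachments, or MongoDB). The ticket does not say what is malformed in bad_user.bson, so this assumes structural damage such as a corrupted length field or type byte; the function names and sample bytes are constructed, and DBPointer and code-with-scope elements are reported as not handled.

```python
import struct

U32 = struct.Struct("<I")  # lengths read unsigned: a negative int32 becomes huge and fails the bounds checks
FIXED = {0x01: 8, 0x06: 0, 0x07: 12, 0x08: 1, 0x09: 8, 0x0A: 0,
         0x10: 4, 0x11: 8, 0x12: 8, 0x13: 16, 0x7F: 0, 0xFF: 0}  # fixed payload sizes (BSON spec)
# Constructed sample: {"a": "hi"} twice, the second with its string length set to 0x7fffffff.
SAMPLE = bytes.fromhex("0f0000000261000300000068690000" "0f000000026100ffffff7f68690000")

def _cstring(buf, pos, end):
    nul = buf.find(b"\x00", pos, end)
    if nul < 0:
        raise ValueError("unterminated cstring")
    return nul + 1

def check_document(buf, pos, limit, depth=0):
    """Validate one BSON document at pos; return the offset just past it."""
    end = pos + U32.unpack_from(buf, pos)[0]
    if depth > 100 or end - pos < 5 or end > limit or buf[end - 1] != 0:  # 100: MongoDB nesting limit
        raise ValueError("bad document length, nesting depth or terminator")
    pos += 4
    while pos < end - 1:
        etype, pos = buf[pos], _cstring(buf, pos + 1, end - 1)  # type byte, then element name
        if etype in FIXED:
            pos += FIXED[etype]
        elif etype in (0x02, 0x0D, 0x0E):        # string, JS code, symbol
            n = U32.unpack_from(buf, pos)[0]
            if n < 1 or pos + 4 + n > end - 1 or buf[pos + 3 + n] != 0:
                raise ValueError("bad string length %d" % n)
            pos += 4 + n
        elif etype in (0x03, 0x04):              # embedded document, array
            pos = check_document(buf, pos, end - 1, depth + 1)
        elif etype == 0x05:                      # binary: length, subtype byte, data
            pos += 5 + U32.unpack_from(buf, pos)[0]
        elif etype == 0x0B:                      # regex: pattern and options cstrings
            pos = _cstring(buf, _cstring(buf, pos, end - 1), end - 1)
        else:
            raise ValueError("element type 0x%02x not handled" % etype)
        if pos > end - 1:
            raise ValueError("element overruns its document")
    return end

def scan_dump(data):
    """Return (documents_ok, first_error) for a file of concatenated BSON documents."""
    pos = count = 0
    try:
        while pos < len(data):
            pos, count = check_document(data, pos, len(data)), count + 1
    except (ValueError, struct.error) as e:
        return count, "offset %d: %s" % (pos, e)
    return count, None
```

`scan_dump(open(path, "rb").read())` returns the number of well-formed documents and, if the file is damaged, the byte offset of the first document that fails the check.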
