Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-29522

CouchKVStore::rollback fails to check result of readVBState

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 5.5.0
    • 5.5.0
    • couchbase-bucket
    • Untriaged
    • Unknown

    Description

      As identified by UBSan, CouchKVStore::rollback() doesn't check the return value of resdVBState; which can result in it attempting to write a null local document to the rolled-back vBucket:

      [ RUN      ] CouchKVStoreErrorInjectionTest.readVBState_open_local_document
      		 
      runtime error: null pointer passed as argument 2, which is declared to never be null
      		 
       
      		 
      #0 0x7ffff7b5f30a in encode_root couchstore/src/node_types.cc:75
      		 
      #1 0x7ffff7b36033 in db_write_header couchstore/src/couch_db.cc:175
      		 
      #2 0x7ffff7b3f487 in couchstore_commit couchstore/src/couch_db.cc:255
      		 
      #3 0x12c0e6d in CouchKVStore::rollback(unsigned short, unsigned long, std::shared_ptr<RollbackCB>) kv_engine/engines/ep/src/couch-kvstore/couch-kvstore.cc:2674
      		 
      #4 0xd15cc6 in CouchKVStoreErrorInjectionTest_readVBState_open_local_document_Test::TestBody() kv_engine/engines/ep/tests/module_tests/kvstore_test.cc:1030

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            drigby Dave Rigby (Inactive)
            drigby Dave Rigby (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty