[MB-31071] Illegal packet may not be audited - Couchbase database

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: master, 5.0.0, 5.1.0, 5.0.1, 5.1.1, 6.5.0, 6.0.0, 5.5.0, 5.5.1
Fix Version/s: 6.5.0
Component/s: memcached
Labels:
- 6.x-candidate

Triage:
Untriaged
Is this a Regression?:
Unknown

Description

std::overflow_error may be thrown when formatting the audit event causing the connection to be dropped without storing the audit event first

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

Ascending order - Click to sort in descending order

Couchbase Build Team added a comment - 28/Aug/18 9:48 AM

Build couchbase-server-6.5.0-1259 contains kv_engine commit 89f40c4 with commit message:
~~MB-31071~~: catch std::overflow_error in "debug_helpers"

Couchbase Build Team added a comment - 28/Aug/18 9:48 AM Build couchbase-server-6.5.0-1259 contains kv_engine commit 89f40c4 with commit message: MB-31071 : catch std::overflow_error in "debug_helpers"

Lynn Straus added a comment - 12/Sep/18 9:15 AM

Dave Finlay, this ticket is still linked to the Alice tracking ticket however the Alice fix version was removed. Please advise if we should fully remove from Alice. Thanks.

Lynn Straus added a comment - 12/Sep/18 9:15 AM Dave Finlay , this ticket is still linked to the Alice tracking ticket however the Alice fix version was removed. Please advise if we should fully remove from Alice. Thanks.

Trond Norbye added a comment - 03/Dec/18 12:45 AM

The code is still vulnerable to this as it tries to fetch the entire packet, which may throw an exception if the "length bytes" in the packet contains an invalid value (which is very likely if rubbish is sent to the port).

Trond Norbye added a comment - 03/Dec/18 12:45 AM The code is still vulnerable to this as it tries to fetch the entire packet, which may throw an exception if the "length bytes" in the packet contains an invalid value (which is very likely if rubbish is sent to the port).

Couchbase Build Team added a comment - 03/Dec/18 5:12 AM

Build couchbase-server-6.5.0-1773 contains kv_engine commit cb06317 with commit message:
~~MB-31071~~: Fix audit of illegal packet

Couchbase Build Team added a comment - 03/Dec/18 5:12 AM Build couchbase-server-6.5.0-1773 contains kv_engine commit cb06317 with commit message: MB-31071 : Fix audit of illegal packet

Lynn Straus added a comment - 15/Jan/19 12:20 PM

removing 5.5.x candidate label and replacing with 6.x candidate label

Lynn Straus added a comment - 15/Jan/19 12:20 PM removing 5.5.x candidate label and replacing with 6.x candidate label

People

Assignee:: Trond Norbye

Reporter:: Trond Norbye

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 28/Aug/18 1:56 AM

Updated:: 15/Jan/19 12:21 PM

Resolved:: 15/Jan/19 12:21 PM

Gerrit Reviews

There are no open Gerrit changes

Show There are 2 closed Gerrit changes

Hide There are 2 closed Gerrit changes

MB-31071: catch std::overflow_error in "debug_helpers": Gerrit Review:

MB-31071: Fix audit of illegal packet: Gerrit Review:

PagerDuty

Couchbase Server

Details

Description

Attachments

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty