Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-47963

[CX] SUBSTR function may produce malformed string

    XMLWordPrintable

Details

    • Untriaged
    • 1
    • Unknown
    • CX Sprint 259, CX Sprint 260, CX Sprint 261, CX Sprint 262

    Description

      SUBSTR function may produce a malformed string. SUBSTR function uses a string builder to construct the output substring. Before constructing the string, it gives an estimated length of the output substring to the string builder and then starts writing out the substring data to the builder buffer. If the actual data written exceeds the estimated length by an amount that requires the builder buffer to make more space to encode the actual length and shift the substring content, the resulting content gets malformed which might lead to failures up in the stack.

      Also, for the function call SUBSTR(input_string, 0, num_chars_to_substring) with start offset = 0, SUBSTR always estimates the length to be 0-127 which means if the characters written go beyond 127, it will encounter the issue described above.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          ali.alsuliman Ali Alsuliman created issue -
          ali.alsuliman Ali Alsuliman made changes -
          Field Original Value New Value
          Link This issue causes CBSE-10563 [ CBSE-10563 ]
          ali.alsuliman Ali Alsuliman made changes -
          Description SUBSTR function may produce a malformed string. SUBSTR function uses a string builder to construct the output substring. Before constructing the string, it gives an estimated length of the output substring to the string builder, and then starts writing out the substring data to the builder buffer. If the actual data written exceeds the estimated length by an amount that requires the builder buffer to make more space to encode the actual length and shift the substring content, the resulting content gets malformed which might lead to failures up in the stack. SUBSTR function may produce a malformed string. SUBSTR function uses a string builder to construct the output substring. Before constructing the string, it gives an estimated length of the output substring to the string builder and then starts writing out the substring data to the builder buffer. If the actual data written exceeds the estimated length by an amount that requires the builder buffer to make more space to encode the actual length and shift the substring content, the resulting content gets malformed which might lead to failures up in the stack.

          Also, for the function call SUBSTR(input_string, 0, num_chars_to_substring) with start offset = 0, SUBSTR always estimates the length to be 0-127 which means if the characters written go beyond 127, it will encounter the issue described above.
          ali.alsuliman Ali Alsuliman made changes -
          Rank Ranked higher
          ali.alsuliman Ali Alsuliman made changes -
          Rank Ranked higher
          ali.alsuliman Ali Alsuliman made changes -
          Sprint CX Sprint 259 [ 1736 ]
          ali.alsuliman Ali Alsuliman made changes -
          Rank Ranked lower
          ali.alsuliman Ali Alsuliman made changes -
          Status Open [ 1 ] In Progress [ 3 ]
          dmitry.lychagin Dmitry Lychagin (Inactive) made changes -
          Labels triaged
          dmitry.lychagin Dmitry Lychagin (Inactive) made changes -
          Fix Version/s 7.0.2 [ 18012 ]
          till Till Westmann made changes -
          Link This issue is triggered by CBSE-10563 [ CBSE-10563 ]
          till Till Westmann made changes -
          Link This issue is triggered by CBSE-10563 [ CBSE-10563 ]
          till Till Westmann made changes -
          Link This issue blocks MB-46308 [ MB-46308 ]
          till Till Westmann made changes -
          Labels triaged approved-for-7.0.2 triaged
          till Till Westmann made changes -
          Sprint CX Sprint 259 [ 1736 ] CX Sprint 259, CX Sprint 260 [ 1736, 1758 ]
          ali.alsuliman Ali Alsuliman made changes -
          Remote Link This issue links to "Gerrit change (Web Link)" [ 23052 ]
          till Till Westmann made changes -
          Sprint CX Sprint 259, CX Sprint 260 [ 1736, 1758 ] CX Sprint 259, CX Sprint 260, CX Sprint 261 [ 1736, 1758, 1765 ]
          till Till Westmann made changes -
          Sprint CX Sprint 259, CX Sprint 260, CX Sprint 261 [ 1736, 1758, 1765 ] CX Sprint 259, CX Sprint 260, CX Sprint 261, CX Sprint 262 [ 1736, 1758, 1765, 1778 ]
          wayne Wayne Siu made changes -
          Link This issue blocks MB-47673 [ MB-47673 ]
          wayne Wayne Siu made changes -
          Labels approved-for-7.0.2 triaged approved-for-6.6.4 approved-for-7.0.2 triaged
          ali.alsuliman Ali Alsuliman made changes -
          Remote Link This issue links to "*DB git commit 1 (Web Link)" [ 23120 ]
          ali.alsuliman Ali Alsuliman made changes -
          Remote Link This issue links to "*DB git commit 2 (Web Link)" [ 23129 ]
          ali.alsuliman Ali Alsuliman made changes -
          Resolution Fixed [ 1 ]
          Status In Progress [ 3 ] Resolved [ 5 ]
          umang.agrawal Umang made changes -
          Assignee Ali Alsuliman [ ali.alsuilman ] Umang [ JIRAUSER24787 ]
          Status Resolved [ 5 ] Closed [ 6 ]
          wayne Wayne Siu made changes -
          Link This issue blocks MB-50048 [ MB-50048 ]

          People

            umang.agrawal Umang
            ali.alsuliman Ali Alsuliman
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty