diff options
| author | Eric Milkie <milkie@10gen.com> | 2020-05-05 15:58:04 -0400 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-05-06 17:47:53 +0000 |
| commit | af53817b7963ed7b19e4d0383867e59fb86a0c6e (patch) | |
| tree | 0627eeba8253d4a8e18cd70fa0f2c3022f03db96 | |
| parent | 19f5ec075faa017b1498e58c61eb03c57c8b3c69 (diff) | |
| download | mongo-af53817b7963ed7b19e4d0383867e59fb86a0c6e.tar.gz | |
SERVER-47846 fix use-after-free coding error in collMod hidden indexes
(cherry picked from commit 951a6c5f089fdb1c5e2cae1641a6ca20d8c2662c)
| -rw-r--r-- | src/mongo/db/catalog/coll_mod.cpp | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/mongo/db/catalog/coll_mod.cpp b/src/mongo/db/catalog/coll_mod.cpp index a0a5cc325e1..46151cdec52 100644 --- a/src/mongo/db/catalog/coll_mod.cpp +++ b/src/mongo/db/catalog/coll_mod.cpp @@ -348,6 +348,8 @@ Status _collModInternal(OperationContext* opCtx, auto viewOn = cmrNew.viewOn; auto indexExpireAfterSeconds = cmrNew.indexExpireAfterSeconds; auto indexHidden = cmrNew.indexHidden; + // WriteConflictExceptions thrown in the writeConflictRetry loop below can cause cmrNew.idx to + // become invalid, so save a copy to use in the loop until we can refresh it. auto idx = cmrNew.idx; if (indexHidden) { @@ -441,7 +443,7 @@ Status _collModInternal(OperationContext* opCtx, : Seconds(oldExpireSecs.safeNumberLong()), !indexHidden ? boost::optional<bool>() : newHidden.booleanSafe(), !indexHidden ? boost::optional<bool>() : oldHidden.booleanSafe(), - cmrNew.idx->indexName()}; + idx->indexName()}; // Notify the index catalog that the definition of this index changed. This will // invalidate the local idx pointer. On rollback of this WUOW, the idx pointer in |