SERVER-21166 validate that index key pattern values are representable as 32-bit signed numbers

1 files changed, 15 insertions, 0 deletions

diff --git a/src/mongo/db/catalog/index_key_validate.cpp b/src/mongo/db/catalog/index_key_validate.cpp
index d29c4d93d92..570f246f35e 100644
--- a/src/mongo/db/catalog/index_key_validate.cpp
+++ b/src/mongo/db/catalog/index_key_validate.cpp
@@ -26,8 +26,12 @@
 *    it in the license file.
 */
 
+#include "mongo/platform/basic.h"
+
 #include "mongo/db/catalog/index_key_validate.h"
 
+#include <limits>
+
 #include "mongo/db/field_ref.h"
 #include "mongo/db/index_names.h"
 #include "mongo/db/jsobj.h"
@@ -64,6 +68,17 @@ Status validateKeyPattern(const BSONObj& key) {
             return Status(code, "Can't use more than one index plugin for a single index.");
         }
 
+        // We convert the element value to an int in order to determine whether the index is
+        // ascending or descending on a particular field. Therefore, the element value cannot
+        // overflow an int.
+        long long asLong = keyElement.safeNumberLong();
+        if (asLong > std::numeric_limits<int>::max() || asLong < std::numeric_limits<int>::min()) {
+            return Status(code,
+                          str::stream()
+                              << "Key pattern element cannot be represented as a 32-bit int: "
+                              << keyElement);
+        }
+
         // Ensure that the fields on which we are building the index are valid: a field must not
         // begin with a '$' unless it is part of a DBRef or text index, and a field path cannot
         // contain an empty field. If a field cannot be created or updated, it should not be