  1. C Driver
  2. CDRIVER-1876

libbson doesn't validate length inside binary subtype 0x02

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor - P4
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.6.0
    • Component/s: libbson
    • Labels:
      None
    • Sprint:
      C Driver 2017 1 - Jan 20, 2017

      Description

      Deprecated subtype 0x02 includes a redundant length inside the binary payload. libbson doesn't validate this length and just skips over it.

      _bson_iter_next_internal does validate that subtype 0x02 has at least 4 bytes for the inner length. It should validate that the inner length is consistent with the binary envelope as well.
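The consistency check described above, as an added example that is not part of the original report and is not libbson's code or the fix that shipped. The function and enum names are hypothetical; the layout assumed is the BSON binary encoding (little-endian int32 length, subtype byte, payload), with the subtype 0x02 payload starting with its own int32 length.

```c
#include <stddef.h>
#include <stdint.h>

/* Result codes for this added example (hypothetical names, not libbson's). */
enum bin_check { BIN_OK = 0, BIN_TRUNCATED, BIN_BAD_LENGTH, BIN_INNER_MISMATCH };

/* Read a little-endian uint32 without alignment or endianness assumptions. */
static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/*
 * Validate a BSON binary value: int32 length, subtype byte, payload.
 * `buf` points at the outer length field; `avail` is how many bytes remain
 * in the enclosing document. On success *data / *data_len describe the
 * application bytes (for subtype 0x02, the bytes after the inner length).
 */
enum bin_check check_bson_binary(const uint8_t *buf, size_t avail,
                                 const uint8_t **data, uint32_t *data_len)
{
    if (avail < 5)
        return BIN_TRUNCATED;            /* need outer length + subtype */
    uint32_t outer = read_le32(buf);
    uint8_t subtype = buf[4];
    if (outer > (uint32_t)INT32_MAX)
        return BIN_BAD_LENGTH;           /* BSON int32 is signed */
    if (outer > avail - 5)
        return BIN_TRUNCATED;            /* envelope overruns the buffer */
    const uint8_t *payload = buf + 5;
    if (subtype == 0x02) {
        if (outer < 4)
            return BIN_BAD_LENGTH;       /* no room for the inner length */
        /* Inner length must account for exactly the rest of the envelope. */
        if (read_le32(payload) != outer - 4)
            return BIN_INNER_MISMATCH;
        payload += 4;
        outer -= 4;
    }
    *data = payload;
    *data_len = outer;
    return BIN_OK;
}
```

Rejecting a mismatch, rather than skipping the inner length, keeps a consumer that trusts the inner value from reading a different byte range than the one the envelope was validated against.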

              People

              Assignee:
              backlog-c-driver Backlog - C Driver Team
              Reporter:
              david.golden David Golden