Major - P3 To reproduce:
- create a normal gridfs file in server side
- corrupt the server side data by updating the binary data with data length larger than chunk size
e.g. by issuing the following update script on gridfs .chunks collectiondb.getCollection("test.chunks").update( { _id: ObjectId("5b44698c5e82244456e061c3") }, { _id: ObjectId("5b44698c5e82244456e061c3"), "files_id": ObjectId("5b44698a7fe4771ab4002304"), n: NumberInt("0"), data: BinData(0, "iVBOR.....RK5CYII=") } );
note: the binary data length has to be larger than the defined gridfs file chunk size
- in client side, issue the following call
mongoc_gridfs_file_readv(...)
- it will cause an BSON_ASSERT (len <= chunk_size); since the len of this page is larger than the chunk_size
mongoc_gridfs_file_page_t * _mongoc_gridfs_file_page_new (const uint8_t *data, uint32_t len, uint32_t chunk_size) { mongoc_gridfs_file_page_t *page; ENTRY; BSON_ASSERT (data); BSON_ASSERT (len <= chunk_size); page = (mongoc_gridfs_file_page_t *) bson_malloc0 (sizeof *page); page->chunk_size = chunk_size; page->read_buf = data; page->len = len; RETURN (page); }
Client side library should check for this corrupted case, instead of asserting the execution?
At the moment, there is no way to do a precaution checking without inspecting the low level raw .chunks collection
The libmongoc should be fixed, since server side data corruption should not assert client side execution.