Summary

bson_validate uses bson_iter_visit_all to visit elements in the document. bson_iter_visit_all performs its own validation on document elements before passing them to the visitor. Invalid data caught by bson_iter_visit_all is never given to the validation visitor, and bson_validate does not handle the error indicated by bson_iter_visit_all.

Environment

Present in libbson r1.22

How to Reproduce

The following byte sequence will be accepted by bson_validate, but is invalid and generates an error in bson_iter_visit_all:

12 00 00 00 02 61 00 06 00 00 00 61 61 FF 61 61 00 00

(The FF byte is an not a valid UTF-8 code unit)

Additional Background

There are no test cases for bson_validate that handle invalid UTF-8 strings. It is possible there are other missing cases as well.