Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-530

SASL version check does not do what you think it does

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 1.2-beta0
    • Affects Version/s: 1.1.0
    • Component/s: auth, Build, libmongoc
    • None

      mongo-c-driver 1.1.0 (and the latest code in the repository also) contains the file src/mongoc/mongoc-sasl.c with this code intended to only call the function sasl_client_done on SASL version 2.1.24 or greater:

      #if (SASL_VERSION_MAJOR >= 2) && \
    (SASL_VERSION_MINOR >= 1) && \
    (SASL_VERSION_STEP >= 24) && \
    (!defined(__APPLE__))
   sasl_client_done ();
#endif

      This code is clearly completely wrong. What will happen if the SASL version is 2.2.0? or 3.0.0? (sasl_client_done will not be called, though you would want it to be.)

      Another problem: you're checking the SASL version at compile time. What if the version of SASL at compile time is different from the SASL version at runtime?

            Assignee:
            Unassigned Unassigned
            Reporter:
            ryandesign Ryan Schmidt
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: