bsonrw.valueReader does not verify length of string before slice for CodeWithScope

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 1.3.1
    • Affects Version/s: 1.0.0
    • Component/s: BSON
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Within the ReadCodeWithScope method of bsonrw.valueReader we don't check the length of strBytes before attempting to remove the null byte. This can cause a panic if the BSON is invalid and strLength is 0.

      To fix this we need to check the length of strBytes and if it's 0 we need to return an error because the BSON is invalid.

       

      Thanks to @dgryski for raising this.

              Assignee:
              Isabella Siu (Inactive)
              Reporter:
              Kristofer Brandow (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: