bsonrw.valueReader does not verify length of string before slice for CodeWithScope

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 1.3.1
    • Affects Version/s: 1.0.0
    • Component/s: BSON
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Within the ReadCodeWithScope method of bsonrw.valueReader we don't check the length of strBytes before attempting to remove the null byte. This can cause a panic if the BSON is invalid and strLength is 0.

      To fix this we need to check the length of strBytes and if it's 0 we need to return an error because the BSON is invalid.

       

      Thanks to @dgryski for raising this.

            Assignee:
            Isabella Siu (Inactive)
            Reporter:
            Kristofer Brandow (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: