Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-581

Allow passing negative len to kms_request_append_payload() for strlen() calculation

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Works as Designed
    • Icon: Unknown Unknown
    • None
    • 1.7.0
    • None
    • None
    • Not Needed

    Description

      55f2ee0 for MONGOCRYPT-468 added the following assertion for the size_t len parameter in kms_request_append_payload():

      KMS_ASSERT (len <= SSIZE_MAX);
      

      When building an application with both libmongoc and libmongocrypt, it's possible that the libmongocrypt KMS package will be used instead of the libmongoc version. This is the case with the PHP driver when compiling with bundled sources.

      In such a build configuration, the assertion logic breaks MONGODB-AWS auth code that invokes kms_request_append_payload() with len = -1, which is intended to defer to calling strlen().

      Attachments

        Activity

          People

            kevin.albertson@mongodb.com Kevin Albertson
            jmikola@mongodb.com Jeremy Mikola
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: