Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-102285

Issuing a getMore with a different namespace from find fails on a replica set & succeeds on a sharded cluster

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • Query Execution
    • ALL
    • Hide 
      var cmdRes;
var collName = 'getmore_cmd_invalid_namespace';
var coll = db[collName];
coll.drop();
const numDocs = 10;
const initialBatchSize = 2;
assert.commandWorked(db.createCollection(collName));
for (var i = 0; i < numDocs; i++) {
    assert.commandWorked(coll.insert({a: i}));
}

// Run a find against the initial collection to establish a cursor.
cmdRes = db.runCommand({find: collName, batchSize: initialBatchSize});
assert.commandWorked(cmdRes);let cursorId = cmdRes.cursor.id;

// Now attempt a getMore with an invalid namespace.
cmdRes = db.runCommand({getMore: cursorId, collection: "invalid_namespace_for_getMore_test"});
// This check will succeed on a standalone/rs and fail on a sharded cluster
assert.commandFailedWithCode(cmdRes, ErrorCodes.Unauthorized);
      Show
      var cmdRes; var collName = 'getmore_cmd_invalid_namespace' ; var coll = db[collName]; coll.drop(); const numDocs = 10; const initialBatchSize = 2; assert .commandWorked(db.createCollection(collName)); for ( var i = 0; i < numDocs; i++) {     assert .commandWorked(coll.insert({a: i})); } // Run a find against the initial collection to establish a cursor. cmdRes = db.runCommand({find: collName, batchSize: initialBatchSize}); assert .commandWorked(cmdRes);let cursorId = cmdRes.cursor.id; // Now attempt a getMore with an invalid namespace. cmdRes = db.runCommand({getMore: cursorId, collection: "invalid_namespace_for_getMore_test" }); // This check will succeed on a standalone/rs and fail on a sharded cluster assert .commandFailedWithCode(cmdRes, ErrorCodes.Unauthorized);
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None

      We have a check on mongod, validateNamespce, that checks whether the user is issuing a getMore against the same namespace than the initial cursor was established on. On mongod, doing this will hit this check and cause a failure. On mongos, we will just look up the cursor and ignore the the provided namespace, and re-write the request with the correct namespace. This isn't an issue security-wise, as we still have an auth check for the read privileges on the mongos, but it is a bit weird from a UX perspective to have different behaviors here.

            Assignee:
            Unassigned Unassigned
            Reporter:
            erin.mcnulty@mongodb.com Erin McNulty
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: