Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-12817

Read only commands should validate their namespaces

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Major Change

      Description

      The server has many read-only commands which do not validate their collection names. Our documentation mentions that empty collection names, or collection names containing a "$" are not allowed, so commands like the following should probably error instead of returning no results:

      db.runCommand({aggregate: "$foo", pipeline: []})
      db["$a"].find() 
      db["$a"].distinct("a")
      db["$a"].count()
      

      Original Description

      http://docs.mongodb.org/manual/reference/limits/ mentions that collection names containing $ or being empty are not allowed. OTOH, aggregate takes them as argument without complaining. Aggregating over an invalid namespace should not be a legal operation, in my opinion.

      Examples:

      > var cursor = db.runCommand({aggregate: "$foo", pipeline: [], cursor : {batchSize: 50}})
      > cursor
      {
      	"cursor" : {
      		"id" : NumberLong(0),
      		"ns" : "test.$foo",
      		"firstBatch" : [ ]
      	},
      	"ok" : 1
      }
      

      > var cursor = db.runCommand({aggregate: "", pipeline: [], cursor : {batchSize: 50}})
      > cursor
      {
      	"cursor" : {
      		"id" : NumberLong(0),
      		"ns" : "test.",
      		"firstBatch" : [ ]
      	},
      	"ok" : 1
      }
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              backlog-query-optimization Backlog - Query Optimization
              Reporter:
              davide.italiano Davide Italiano
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated: