[SERVER-27209] BSONObj::getStringField() does not handle embedded null bytes correctly - MongoDB Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.3.0
Component/s: None
Labels:
- bson
- neweng
- techdebt

Backwards Compatibility:
Minor Change
Operating System:
ALL
Sprint:
Execution Team 2021-11-29, Execution Team 2021-12-13, Execution Team 2021-12-27, Execution Team 2022-01-10, Execution Team 2022-01-24
Linked BF Score:
135

Description

A BSONElement of type String has a pointer + length implementation and therefore may contain an embedded null byte. BSONObj::getStringField uses valuestr in its implementation, which can lead us to incorrectly interpret the string as null terminated.

Attachments

Activity

People

Assignee:: Matt Kneiser

Reporter:: Marko Vojvodic

Participants:: David Storch, Githook User, Marko Vojvodic, Matt Kneiser

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: Nov 29 2016 07:10:19 PM UTC

Updated:: Jan 19 2022 09:24:10 AM UTC

Resolved:: Jan 13 2022 05:04:27 PM UTC