BSONObj::getStringField() does not handle embedded null bytes correctly

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Done
    • Priority: Major - P3
    • 5.3.0
    • Affects Version/s: None
    • Component/s: None
    • Minor Change
    • ALL
    • Execution Team 2021-11-29, Execution Team 2021-12-13, Execution Team 2021-12-27, Execution Team 2022-01-10, Execution Team 2022-01-24
    • 129
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      A BSONElement of type String has a pointer + length implementation and therefore may contain an embedded null byte. BSONObj::getStringField uses valuestr in its implementation, which can lead us to incorrectly interpret the string as null terminated.

              Assignee:
              Matt Kneiser
              Reporter:
              Marko Vojvodic
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: