Details
-
Bug
-
Status: Closed
-
Major - P3
-
Resolution: Fixed
-
None
-
Fully Compatible
-
ALL
-
Platforms 2017-07-10
Description
A few options in mongod_options.cpp (such as "replication.replSetName") call std::string.c_str() then passes the result to a function that takes a std::string. This appears to be unintentional, but has the impact of silently truncating the option at the first \0 byte. I don't think it is possible to pass embedded NUL bytes on the command line so it requires a config file. Example config file:
replication:
|
replSetName: "Oh No\0!"
|
I see a few possible options:
- Remove the c_str() and start including the NUL byte. Maybe also add validation with allowed characters in replSet names.
- Error if there is a NUL byte.
- Decide this is intentional and add a comment explaining it. We should also look at arguments without a c_str() and decide if they should also truncate.
- Decide that no options in the config file should support NUL bytes and error in the main options parser logic.