Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-35137

Unsanitary sasl vsnprintf calls

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 4.1.1
    • None
    • Internal Code
    • None
    • Fully Compatible
    • ALL

    Description

      This is a classic syslog "%s" error. We should just pretty much always use "%s" format and then the string we want to log as the next argument, just to make it less tempting for a % sign to creep into the format strings under maintenance.

      ```src/mongo/db/modules/mongo-enterprise-modules/src/sasl/canon_mongodb_internal.cpp:78:41: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
      utils->seterror(utils->conn, 0, sb.str().c_str());
      ^~~~~~~~~~~~~~~~```

       

      These get it right:

      src/mongo/client/sasl_sspi.cpp:97: utils->seterror(utils->conn, 0, "%s", buffer.c_str());
      src/sasl/mongo_sspi.cpp:122: utils->seterror(utils->conn, 0, "%s", buffer.c_str());

       The rest get it sort of wrong:
      billy@billydev:~/dev/mongodb/mongo$ git grep -E -n '\b(sasl_)?seterror'
      src/mongo/client/cyrus_sasl_client_session.cpp:202: sasl_seterror(conn, 0, "No password data provided");
      src/mongo/client/cyrus_sasl_client_session.cpp:211: sasl_seterror(conn, 0, sb.str().c_str());
      src/mongo/client/sasl_sspi.cpp:114: cparams->utils->seterror(cparams->utils->conn, 0, "getcallback user failed");
      src/mongo/client/sasl_sspi.cpp:122: cparams->utils->seterror(cparams->utils->conn, 0, "user callback failed");
      src/mongo/client/sasl_sspi.cpp:130: cparams->utils->seterror(cparams->utils->conn, 0, "no @REALM found in username");
      src/mongo/client/sasl_sspi.cpp:190: cparams->utils->seterror(cparams->utils->conn, 0, "SSPI: no serverFQDN");
      src/mongo/client/sasl_sspi.cpp:255: cparams->utils->seterror(cparams->utils->conn, 0, "SSPI: server message is too short");
      src/mongo/client/sasl_sspi.cpp:262: cparams->utils->seterror(
      src/mongo/client/sasl_sspi.cpp:458: utils->seterror(utils->conn, 0, "Wrong SSPI version");

      src/sasl/canon_mongodb_internal.cpp:62: utils->seterror(utils->conn, 0, "All-whitespace username.");
      src/sasl/canon_mongodb_internal.cpp:68: utils->seterror(utils->conn, 0, "Canonicalized username too long.");
      src/sasl/canon_mongodb_internal.cpp:78: utils->seterror(utils->conn, 0, sb.str().c_str());
      src/sasl/cyrus_sasl_authentication_session.cpp:126: sasl_seterror(conn, 0, errorMsg.str().c_str());
      src/sasl/cyrus_sasl_authentication_session.cpp:133: sasl_seterror(conn, 0, sb.str().c_str());
      src/sasl/mongo_sspi.cpp:141: sparams->utils->seterror(sparams->utils->conn, 0, "SSPI: no serverFQDN");
      src/sasl/mongo_sspi.cpp:184: sparams->utils->seterror(sparams->utils->conn, 0, "SSPI: client unexpectedly sent data");
      src/sasl/mongo_sspi.cpp:310: sparams->utils->seterror(
      src/sasl/mongo_sspi.cpp:317: sparams->utils->seterror(sparams->utils->conn, 0, "SSPI: wrong security layer from client");
      src/sasl/mongo_sspi.cpp:324: sparams->utils->seterror(sparams->utils->conn, 0, "SSPI: no authz name in auth handshake");

       

      Attachments

        Activity

          People

            billy.donahue@mongodb.com Billy Donahue
            billy.donahue@mongodb.com Billy Donahue
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: