  1. Core Server
  2. SERVER-57248

Query results are replaced with values from project


Details

    • Bug
    • Status: Closed
    • Critical - P2
    • Resolution: Works as Designed
    • None
    • None
    • None
    • MongoDB 4.4
    • ALL
    • Query Execution 2021-05-31

    Description

      Problem Description

      When using the select statement with an object and String values, the result is replaced with the values from the select statement. I tried it out in 4.0 and 4.2 and this is not an issue. This is only an issue in version 4.4.

      Steps to Reproduce

       

      (function () {
        const products = ['apples', 'peaches', 'bananas', 'oranges', 'grapes', 'watermelons'];

        // Insert one document per product with a random quantity between 1 and 50.
        for (let product of products) {
          let item = {
            id: new Date().getTime(),
            name: product,
            qty: Math.round(Math.random() * (50 - 1) + 1)
          };
          db.products.save(item);
        }

        // The projection mixes an inclusion flag (name: 1) with string values.
        let results = db.products.find({}, {name: 1, qty: 'You have none!!', attack: '<scripts>alert("boo!")</scripts>'});
        printjson(results.toArray());
        db.products.drop();
      })();

       

      Expected Results

      The expected results would be the actual values from the database, not fake results from the select statement.

       

       

      [
       {
       "_id": ObjectId("6078ad7cc3006933c653ede5"),
       "name": "apples",
       "qty": 44
       },
       {
       "_id": ObjectId("6078ad7cc3006933c653ede6"),
       "name": "peaches",
       "qty": 47
       },
       {
       "_id": ObjectId("6078ad7cc3006933c653ede7"),
       "name": "bananas",
       "qty": 14
       },
       {
       "_id": ObjectId("6078ad7cc3006933c653ede8"),
       "name": "oranges",
       "qty": 14
       },
       {
       "_id": ObjectId("6078ad7cc3006933c653ede9"),
       "name": "grapes",
       "qty": 16
       },
       {
       "_id": ObjectId("6078ad7cc3006933c653edea"),
       "name": "watermelons",
       "qty": 45
       }
      ]
       
       

      Actual Results

      I would expect quantity to be a number and attack to be nonexistent.

       

      [
       {
       "_id": ObjectId("6078ab09c3006933c653edcd"),
       "name": "apples",
       "qty": "yep",
       "attack": "<scripts>alert(\"boo!\")</scripts>"
       },
       {
       "_id": ObjectId("6078ab09c3006933c653edce"),
       "name": "peaches",
       "qty": "yep",
       "attack": "<scripts>alert(\"boo!\")</scripts>"
       },
      ...
      ]
      

      Additional Notes

      I set up a Gist here using the Mongoose driver.

      https://gist.github.com/jwerre/ef447dc1d60a48865c8574dff73d7a69


          People

            david.storch@mongodb.com David Storch
            jonah@surveyplanet.com Jonah Werre
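
Added example, not part of the original report and not MongoDB or Mongoose code: since MongoDB 4.4, find() projections accept literal values and aggregation expressions, so a projection assembled from untrusted input can place arbitrary values in query results, as the output in the report shows. One way to guard against that is to reduce the projection to include/exclude flags on allow-listed fields before it reaches find(); the helper name `safeProjection` and the allow-list are assumptions.

```javascript
'use strict';

// The only values a projection may carry here: include (1/true) or exclude (0/false).
const FLAGS = new Map([[1, 1], [true, 1], [0, 0], [false, 0]]);

// Constructed sample: the projection used in the report's reproduction script.
const REPORTED_PROJECTION = {
  name: 1,
  qty: 'You have none!!',
  attack: '<scripts>alert("boo!")</scripts>',
};

/**
 * Hypothetical helper: turn an untrusted projection spec into one that can
 * only include or exclude allow-listed fields. Literal values, expression
 * objects and unknown field names are rejected instead of being passed on.
 */
function safeProjection(spec, allowedFields) {
  if (spec === null || typeof spec !== 'object' || Array.isArray(spec)) {
    throw new TypeError('projection must be a plain object');
  }
  const allowed = new Set(allowedFields);
  const clean = {};
  for (const [field, value] of Object.entries(spec)) {
    if (!allowed.has(field)) {
      throw new RangeError(`field not allowed in projection: ${field}`);
    }
    if (!FLAGS.has(value)) {
      // Strings, other numbers, and objects such as {$literal: ...} end up here.
      throw new TypeError(`projection value for "${field}" must be 0, 1, true or false`);
    }
    clean[field] = FLAGS.get(value);
  }
  // The server rejects mixed inclusion/exclusion (apart from _id); fail early instead.
  const flags = Object.entries(clean)
    .filter(([field]) => field !== '_id')
    .map(([, flag]) => flag);
  if (flags.includes(0) && flags.includes(1)) {
    throw new RangeError('projection mixes inclusion and exclusion');
  }
  return clean;
}
```

The sanitized object is what gets passed as the second argument to find(), or to Mongoose's select(), in place of the caller-supplied value.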