BSONObjBuilder should prevent appending field names containing NULs

XMLWordPrintableJSON

    • Server Programmability
    • Fully Compatible
    • v8.0, v7.0, v6.0, v5.0
    • 0
    • None
    • 0
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Currently there are places where we pass field names around using StringData, such as in the BSONObj::getField method, where there is a potential for the passed string to contain an embedded '\0' character. Inserting this in a BSON object would lead to structurally corrupt BSON data and undefined behavior.

       

      While currently there are no known issues of this happening, it is a risk that can and should be mitigated by using a new type for strings that are valid for use as a field name.

              Assignee:
              Mathias Stearn
              Reporter:
              Geert Bosch
              Votes:
              0 Vote for this issue
              Watchers:
              17 Start watching this issue

                Created:
                Updated:
                Resolved: