Currently there are places where we pass field names around using StringData, such as in the BSONObj::getField method, where the passed string could contain an embedded '\0' character. Inserting such a name into a BSON object would lead to structurally corrupt BSON data and undefined behavior.
While there are currently no known instances of this happening, it is a risk that can and should be mitigated by using a new type for strings that are valid for use as a field name.
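The following added example (not MongoDB server code) shows why the embedded '\0' corrupts an element and how a validated type closes the gap. `FieldName`, `encodeInt32Unchecked`, `encodeInt32`, `decodeName` and `valueOffset` are hypothetical names, and `std::string` stands in for StringData.

```cpp
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical validated type: construction throws if the name holds a '\0'.
class FieldName {
public:
    static bool isValid(const std::string& s) { return s.find('\0') == std::string::npos; }
    explicit FieldName(const std::string& s) : _name(s) {
        if (!isValid(s)) throw std::invalid_argument("embedded NUL in field name");
    }
    const std::string& str() const { return _name; }
private:
    std::string _name;
};

// BSON int32 element: type byte 0x10, field name as a C string, 4-byte LE value.
// Takes a raw string (constructed stand-in for StringData) to show the unchecked path.
std::vector<uint8_t> encodeInt32Unchecked(const std::string& name, int32_t v) {
    std::vector<uint8_t> out;
    out.push_back(0x10);
    out.insert(out.end(), name.begin(), name.end());
    out.push_back(0);  // terminator the reader relies on
    uint32_t u = static_cast<uint32_t>(v);
    for (int i = 0; i < 4; ++i) out.push_back(static_cast<uint8_t>(u >> (8 * i)));
    return out;
}

// Checked path: only callable with a name that passed validation.
std::vector<uint8_t> encodeInt32(const FieldName& name, int32_t v) {
    return encodeInt32Unchecked(name.str(), v);
}

// What a reader recovers: the name ends at the first '\0' it meets.
std::string decodeName(const std::vector<uint8_t>& elem) {
    std::string name;
    for (std::size_t i = 1; i < elem.size() && elem[i] != 0; ++i)
        name.push_back(static_cast<char>(elem[i]));
    return name;
}

// Offset where the reader believes the value bytes begin.
std::size_t valueOffset(const std::vector<uint8_t>& elem) {
    return 1 + decodeName(elem).size() + 1;
}
```

With the constructed name `"a\0b"`, the unchecked encoder emits nine bytes, but a reader takes the name to be `"a"` and starts reading the value two bytes early, inside the rest of the name.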
- is related to: SERVER-94955 Add more testing for $getField (Closed)
- related to: SERVER-95748 createRegex() in bsoncolumn_builder_fuzzer.cpp test code needs work (In Code Review)