[CDRIVER-2824] Client metadata is invalid JSON Created: 12/Sep/18  Updated: 27/Oct/23  Resolved: 13/Sep/18

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Matt Broadstone Assignee: A. Jesse Jiryu Davis
Resolution: Works as Designed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to SERVER-16620 escape double quotes \" when printing... Closed

 Description   

It appears that libmongoc does no sanitization of (at least) the platform field when building client metadata. A log of the swift driver connecting to mongod reveals the following invalid JSON:

{ driver: { name: "mongoc", version: "1.11.0" }, os: { type: "Darwin", name: "macOS", version: "17.4.0", architecture: "x86_64" }, platform: "cfg=0x00d68265 posix=200112 stdc=201112 CC=clang 9.1.0 (clang-902.0.39.2) CFLAGS="" LDFLAGS=""" }



 Comments   
Comment by A. Jesse Jiryu Davis [ 13/Sep/18 ]

Including BSON string values that have quotes in them is perfectly valid driver behavior; the best fix for this is if the server properly escapes JSON strings it dumps to the logs.

Comment by Jeffrey Yemin [ 12/Sep/18 ]

Linked to SERVER-16620.

The C driver could work around this by not including double quotes in BSON strings in client metadata, but the root cause is the server logs, I suspect.

Comment by Jeremy Mikola [ 12/Sep/18 ]

Handshake data is provided in BSON (see: spec), so is it the responsibility of libmongoc (or any driver) to escape characters in fields? I wonder if this is instead an issue the tools parsing this data on the server side.

AFAIK, this data isn't stored in any server collection and gets dumped to log files. I'm not sure if it's accessible by other means, but if the tools reading it are scraping it from mongod logs, then perhaps the server needs to escape it to ensure it only prints well-formed JSON to its logs.

Generated at Wed Feb 07 21:16:27 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.