[CDRIVER-700] Unchecked error in bson_utf8_escape_for_json Created: 09/Jun/15 Updated: 11/Jan/16 Resolved: 14/Jun/15 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libbson |
| Affects Version/s: | 0.90.0 |
| Fix Version/s: | 1.2-beta0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | A. Jesse Jiryu Davis | Assignee: | A. Jesse Jiryu Davis |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||
| Description |
|
If bson_utf8_escape_for_json is called with an invalid sequence, e.g. one that begins with 0x80, it doesn't notice that bson_utf8_next_char and bson_utf8_get_char are returning nil. It loops forever on the invalid character, appending the escape sequence for nil, '\u0000', to the output string until it fails to realloc the output buffer and aborts. |
| Comments |
| Comment by Githook User [ 11/Jan/16 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch '1.2.0-dev'
|
| Comment by Githook User [ 11/Jan/16 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch 'master' into 1.2.0-dev
Conflicts: |
| Comment by Githook User [ 11/Jan/16 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 20/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch '1.2.0-dev'
|
| Comment by Githook User [ 20/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch 'master' into 1.2.0-dev
Conflicts: |
| Comment by Githook User [ 20/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 07/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch '1.2.0-dev'
|
| Comment by Githook User [ 07/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch 'master' into 1.2.0-dev
Conflicts: |
| Comment by Githook User [ 07/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 07/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch '1.2.0-dev'
|
| Comment by Githook User [ 01/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: Merge branch 'master' into 1.2.0-dev
Conflicts: |
| Comment by Githook User [ 01/Oct/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 05/Aug/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 05/Aug/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by A. Jesse Jiryu Davis [ 29/Jun/15 ] |
|
Discovered with American Fuzzy Lop: http://lcamtuf.coredump.cx/afl/ |
| Comment by Githook User [ 14/Jun/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by A. Jesse Jiryu Davis [ 14/Jun/15 ] |
|
Now resolved in 1.2.0-dev as well. |
| Comment by Githook User [ 14/Jun/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 14/Jun/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by A. Jesse Jiryu Davis [ 09/Jun/15 ] |
|
Resolved in 1.1.7, needs forward port to 1.2.0-dev. |
| Comment by Githook User [ 09/Jun/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 09/Jun/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |
| Comment by Githook User [ 09/Jun/15 ] |
|
Author: {u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}Message: |