[CDRIVER-700] Unchecked error in bson_utf8_escape_for_json Created: 09/Jun/15  Updated: 11/Jan/16  Resolved: 14/Jun/15

Status: Closed
Project: C Driver
Component/s: libbson
Affects Version/s: 0.90.0
Fix Version/s: 1.2-beta0

Type: Bug Priority: Major - P3
Reporter: A. Jesse Jiryu Davis Assignee: A. Jesse Jiryu Davis
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related

 Description   

If bson_utf8_escape_for_json is called with an invalid sequence, e.g. one that begins with 0x80, it doesn't notice that bson_utf8_next_char and bson_utf8_get_char are returning nil. It loops forever on the invalid character, appending the escape sequence for nil, '\u0000', to the output string until it fails to realloc the output buffer and aborts.



 Comments   
Comment by Githook User [ 11/Jan/16 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch '1.2.0-dev'

Comment by Githook User [ 11/Jan/16 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (24 commits)
    1.1.11 Release
    CDRIVER-690 fix typo in error check
    CDRIVER-690 fix streaming example to use fd
    CDRIVER-690 clarify callback description
    CDRIVER-690 fix indentation and style
    CDRIVER-690 add BSON streaming read example
    CDRIVER-690 document bson_reader callbacks
    post-release bump
    1.1.10 Release
    post-release bump
    1.1.9 Release
    CDRIVER-727 actually enable coverage in libbson
    post-release bump
    1.1.8 Release
    post-release bump
    1.1.7 Release
    ensure CMake defines config vars to 0 or 1
    CDRIVER-700 unchecked err in bson_utf8_escape_for_json
    fix assert in test_bson_json_read_bad_cb
    %g prints with 3 exp digits by default on windows
    ...

Conflicts:
CMakeLists.txt
NEWS
build/autotools/Versions.m4
build/rpm/libbson.spec
doc/version.page
tests/test-json.c
Branch: 1.3.0-dev
https://github.com/mongodb/libbson/commit/69ae5fa4d8aefc296d36e251526cdad53ecd877a

Comment by Githook User [ 11/Jan/16 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked err in bson_utf8_escape_for_json
Branch: 1.3.0-dev
https://github.com/mongodb/libbson/commit/c48a8fc9d8216e59120578fa5dbc1c6774efaf47

Comment by Githook User [ 20/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch '1.2.0-dev'

Comment by Githook User [ 20/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (24 commits)
    1.1.11 Release
    CDRIVER-690 fix typo in error check
    CDRIVER-690 fix streaming example to use fd
    CDRIVER-690 clarify callback description
    CDRIVER-690 fix indentation and style
    CDRIVER-690 add BSON streaming read example
    CDRIVER-690 document bson_reader callbacks
    post-release bump
    1.1.10 Release
    post-release bump
    1.1.9 Release
    CDRIVER-727 actually enable coverage in libbson
    post-release bump
    1.1.8 Release
    post-release bump
    1.1.7 Release
    ensure CMake defines config vars to 0 or 1
    CDRIVER-700 unchecked err in bson_utf8_escape_for_json
    fix assert in test_bson_json_read_bad_cb
    %g prints with 3 exp digits by default on windows
    ...

Conflicts:
CMakeLists.txt
NEWS
build/autotools/Versions.m4
build/rpm/libbson.spec
doc/version.page
tests/test-json.c
Branch: debian
https://github.com/mongodb/libbson/commit/69ae5fa4d8aefc296d36e251526cdad53ecd877a

Comment by Githook User [ 20/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked err in bson_utf8_escape_for_json
Branch: debian
https://github.com/mongodb/libbson/commit/c48a8fc9d8216e59120578fa5dbc1c6774efaf47

Comment by Githook User [ 07/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch '1.2.0-dev'

Comment by Githook User [ 07/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (24 commits)
    1.1.11 Release
    CDRIVER-690 fix typo in error check
    CDRIVER-690 fix streaming example to use fd
    CDRIVER-690 clarify callback description
    CDRIVER-690 fix indentation and style
    CDRIVER-690 add BSON streaming read example
    CDRIVER-690 document bson_reader callbacks
    post-release bump
    1.1.10 Release
    post-release bump
    1.1.9 Release
    CDRIVER-727 actually enable coverage in libbson
    post-release bump
    1.1.8 Release
    post-release bump
    1.1.7 Release
    ensure CMake defines config vars to 0 or 1
    CDRIVER-700 unchecked err in bson_utf8_escape_for_json
    fix assert in test_bson_json_read_bad_cb
    %g prints with 3 exp digits by default on windows
    ...

Conflicts:
CMakeLists.txt
NEWS
build/autotools/Versions.m4
build/rpm/libbson.spec
doc/version.page
tests/test-json.c
Branch: master
https://github.com/mongodb/libbson/commit/69ae5fa4d8aefc296d36e251526cdad53ecd877a

Comment by Githook User [ 07/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked err in bson_utf8_escape_for_json
(cherry picked from commit c48a8fc)
Branch: master
https://github.com/mongodb/libbson/commit/63501193d1496a2926f9a9be310f2b626bae1a2a

Comment by Githook User [ 07/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch '1.2.0-dev'

Comment by Githook User [ 01/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: Merge branch 'master' into 1.2.0-dev

  • master: (24 commits)
    1.1.11 Release
    CDRIVER-690 fix typo in error check
    CDRIVER-690 fix streaming example to use fd
    CDRIVER-690 clarify callback description
    CDRIVER-690 fix indentation and style
    CDRIVER-690 add BSON streaming read example
    CDRIVER-690 document bson_reader callbacks
    post-release bump
    1.1.10 Release
    post-release bump
    1.1.9 Release
    CDRIVER-727 actually enable coverage in libbson
    post-release bump
    1.1.8 Release
    post-release bump
    1.1.7 Release
    ensure CMake defines config vars to 0 or 1
    CDRIVER-700 unchecked err in bson_utf8_escape_for_json
    fix assert in test_bson_json_read_bad_cb
    %g prints with 3 exp digits by default on windows
    ...

Conflicts:
CMakeLists.txt
NEWS
build/autotools/Versions.m4
build/rpm/libbson.spec
doc/version.page
tests/test-json.c
Branch: 1.2.0-dev
https://github.com/mongodb/libbson/commit/69ae5fa4d8aefc296d36e251526cdad53ecd877a

Comment by Githook User [ 01/Oct/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked err in bson_utf8_escape_for_json
Branch: 1.2.0-dev
https://github.com/mongodb/libbson/commit/c48a8fc9d8216e59120578fa5dbc1c6774efaf47

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 final unchecked errs from mongoc_uri_do_unescape
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/a4a0b75f8df7ff14c23e66bf26f11676a221d1b5

Comment by Githook User [ 05/Aug/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked errs from mongoc_uri_do_unescape
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/8ca5db7aa7fa7d8de40b00fe46e2c5882bd23e1f

Comment by A. Jesse Jiryu Davis [ 29/Jun/15 ]

Discovered with American Fuzzy Lop: http://lcamtuf.coredump.cx/afl/

Comment by Githook User [ 14/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked err in bson_utf8_escape_for_json
(cherry picked from commit c48a8fc)
Branch: 1.2.0-dev
https://github.com/mongodb/libbson/commit/63501193d1496a2926f9a9be310f2b626bae1a2a

Comment by A. Jesse Jiryu Davis [ 14/Jun/15 ]

Now resolved in 1.2.0-dev as well.

Comment by Githook User [ 14/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 final unchecked errs from mongoc_uri_do_unescape
(cherry picked from commit a4a0b75)
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/bed240d162fbaee970814c5e6184ce198b38c2d1

Comment by Githook User [ 14/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked errs from mongoc_uri_do_unescape
(cherry picked from commit 8ca5db7)
Branch: 1.2.0-dev
https://github.com/mongodb/mongo-c-driver/commit/1aa966feb53fc79d0deaa28081a3f2c022646172

Comment by A. Jesse Jiryu Davis [ 09/Jun/15 ]

Resolved in 1.1.7, needs forward port to 1.2.0-dev.

Comment by Githook User [ 09/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked err in bson_utf8_escape_for_json
Branch: master
https://github.com/mongodb/libbson/commit/c48a8fc9d8216e59120578fa5dbc1c6774efaf47

Comment by Githook User [ 09/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 final unchecked errs from mongoc_uri_do_unescape
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/a4a0b75f8df7ff14c23e66bf26f11676a221d1b5

Comment by Githook User [ 09/Jun/15 ]

Author:

{u'username': u'ajdavis', u'name': u'A. Jesse Jiryu Davis', u'email': u'jesse@mongodb.com'}

Message: CDRIVER-700 unchecked errs from mongoc_uri_do_unescape
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/8ca5db7aa7fa7d8de40b00fe46e2c5882bd23e1f

Generated at Wed Feb 07 21:10:21 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.