[JAVA-816] Invalid buffer size safety check in org.bson.io.Bits.readFully(stream, buf, off, len) Created: 26/Apr/13 Updated: 03/Apr/14 Resolved: 25/Jun/13 |
|
| Status: | Closed |
| Project: | Java Driver |
| Component/s: | BSON |
| Affects Version/s: | 2.11.0 |
| Fix Version/s: | 2.12.0, 3.0.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Carsten Haustein | Assignee: | Unassigned |
| Resolution: | Done | Votes: | 0 |
| Labels: | bson, driver | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
Test: Expected: Observed: The safety check should test for "<". |
| Comments |
| Comment by Jeffrey Yemin [ 25/Jun/13 ] |
|
Fixed in 3.0.x as well: https://github.com/mongodb/mongo-java-driver/commit/4e230513cfae4e840966de9a8b988459ffb3a5dc |
| Comment by auto [ 14/Jun/13 ] |
|
Author: {u'username': u'trnl', u'name': u'Uladzimir Mihura', u'email': u'trnl.me@gmail.com'}Message: Added tests for org.bson.io.Bits class. Fix for |
| Comment by Jeffrey Yemin [ 26/Apr/13 ] |
|
Thanks for catching this. Looks like it was only ever tested with startOffset = 0 and length = b.length. |