[MONGOCRYPT-380] Abort when empty binary passed in KMS credentials Created: 09/Feb/22  Updated: 30/Mar/22

Status: Backlog
Project: Libmongocrypt
Component/s: None
Affects Version/s: 1.3.0
Fix Version/s: None

Type: Bug Priority: Unknown
Reporter: Kevin Albertson Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Calling _mongocrypt_parse_required_binary with a BSON binary with an empty string results in an abort.

It is used in two places to parse BSON binary from the KMS providers:

The following reproduces the abort with the Go driver and libmongocrypt 1.3.0:

package main
 
// An example reproducing the abort of MONGOCRYPT-380.
// Run with: go run -tags cse ./investigations/mongocrypt380
 
import (
	"context"
	"fmt"
	"log"
 
	"go.mongodb.org/mongo-driver/bson"
	"go.mongodb.org/mongo-driver/mongo"
	"go.mongodb.org/mongo-driver/mongo/options"
)
 
func main() {
	keyvaultClient, err := mongo.Connect(context.TODO())
	if err != nil {
		log.Fatalf("Connect error: %v\n", err)
	}
	defer keyvaultClient.Disconnect(context.TODO())
 
	kmsProvidersTmpl := `
	{
		"local": {
			"key": {
				"$binary": {
					"base64": "%s",
					"subType": "00"
				}
			}
		}
	}
`
	// Using an empty string for "base64" results in an abort.
	kmsProvidersStr := fmt.Sprintf(kmsProvidersTmpl, "")
	// Using a non-empty string for "base64" with an incorrect length results in an error.
	// kmsProvidersStr := fmt.Sprintf(kmsProvidersTmpl, "AAAA")
 
	var kmsProviders map[string]map[string]interface{}
	err = bson.UnmarshalExtJSON([]byte(kmsProvidersStr), false, &kmsProviders)
	if err != nil {
		log.Fatal(err)
	}
 
	ceopts := options.ClientEncryption().
		SetKmsProviders(kmsProviders).
		SetKeyVaultNamespace("keyvault.datakeys")
 
	ce, err := mongo.NewClientEncryption(keyvaultClient, ceopts)
	defer ce.Close(context.TODO())
	if err != nil {
		log.Fatalf("NewClientEncryption error: %v\n", err)
	}
}


Generated at Thu Feb 08 09:08:34 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.