Summary
Calling mongocrypt_setopt_kms_providers twice with "aws" or "local" does not error and results in a memory leak.
{
    mongocrypt_binary_t *bson = TEST_BSON(BSON_STR({"aws" : {"accessKeyId" : "foo", "secretAccessKey" : "bar"}}));
    mongocrypt_t *crypt = mongocrypt_new();
    ASSERT_OK(mongocrypt_setopt_kms_providers(crypt, bson), crypt);
    ASSERT_OK(mongocrypt_setopt_kms_providers(crypt, bson), crypt); // Leaks!
    // Leak is caused by overwrite to crypt->opts->kms_providers->aws.secret_access_key
    mongocrypt_destroy(crypt);
}
Calling mongocrypt_setopt_kms_providers twice with "azure", "gcp", or "kmip" results in an expected error:
// Errors if called multiple times with intersecting providers.
{
    mongocrypt_binary_t *one = TEST_BSON(BSON_STR({"azure" : {"accessToken" : "foo"}}));
    mongocrypt_binary_t *two = TEST_BSON(BSON_STR({"azure" : {"accessToken" : "bar"}}));

    mongocrypt_t *crypt = mongocrypt_new();
    ASSERT_OK(mongocrypt_setopt_kms_providers(crypt, one), crypt);
    ASSERT_FAILS(mongocrypt_setopt_kms_providers(crypt, two), crypt, "already set");
    mongocrypt_destroy(crypt);
}
Proposal: make configuring "aws" or "local" twice an error for consistency with other KMS providers.
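The leak and the proposed guard, modeled as an added, self-contained C example (not libmongocrypt code; opts_t, set_aws_unguarded, set_aws_guarded, the tracking table and the error string are hypothetical). It counts the buffers that are never freed when "aws" is configured twice, with and without an "already set" check.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model, not libmongocrypt code: every name below is invented. */
static char *tracked[8]; /* outstanding heap buffers, so lost ones can be counted */
static char *dup_secret(const char *s) {
    char *p = malloc(strlen(s) + 1);
    for (int i = 0; p && i < 8; i++)
        if (!tracked[i]) { tracked[i] = p; return strcpy(p, s); }
    free(p); /* allocation failed (free(NULL) is a no-op) or table full */
    return NULL;
}
static void free_secret(char *p) {
    for (int i = 0; p && i < 8; i++)
        if (tracked[i] == p) { tracked[i] = NULL; free(p); return; }
}

/* aws_set: provider configured; aws_secret: owned key copy; err: last error. */
typedef struct { bool aws_set; char *aws_secret; const char *err; } opts_t;

/* Reported behaviour: a repeat call overwrites the pointer, losing the old buffer. */
static bool set_aws_unguarded(opts_t *o, const char *secret) {
    o->aws_secret = dup_secret(secret);
    return o->aws_set = (o->aws_secret != NULL);
}

/* Proposed behaviour: reject a repeat call before allocating anything. */
static bool set_aws_guarded(opts_t *o, const char *secret) {
    if (o->aws_set) { o->err = "aws KMS provider already set"; return false; }
    return set_aws_unguarded(o, secret);
}

/* Configures "aws" twice, frees what the handle still owns, counts the rest. */
static int leaked_after_two_calls(bool guarded) {
    opts_t o = {0};
    for (int i = 0; i < 2; i++)
        (guarded ? set_aws_guarded : set_aws_unguarded)(&o, "bar"); /* constructed value */
    free_secret(o.aws_secret);
    int lost = 0;
    for (int i = 0; i < 8; i++)
        if (tracked[i]) { lost++; free(tracked[i]); tracked[i] = NULL; }
    return lost;
}

int main(void) {
    printf("lost: unguarded=%d guarded=%d\n", leaked_after_two_calls(false), leaked_after_two_calls(true));
    return 0;
}
```

The model reclaims the lost buffer after counting it so the demonstration itself stays clean under a leak checker.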
Background & Motivation
I expect this to have little to no impact. I expect driver bindings are not calling mongocrypt_setopt_kms_providers more than once, since this is only needed to construct the mongocrypt_t handle.