[SERVER-12817] Read only commands should validate their namespaces Created: 21/Feb/14  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Aggregation Framework, Querying
Affects Version/s: 2.6.0-rc0
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Davide Italiano Assignee: Backlog - Query Optimization
Resolution: Unresolved Votes: 0
Labels: 26qa, aggregation, grab-bag, query-44-grooming, usability
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
is duplicated by SERVER-26431 Validate the collection name for comm... Closed
Related
Assigned Teams:
Query Optimization
Backwards Compatibility: Major Change
Participants:

 Description   

The server has many read-only commands which do not validate their collection names. Our documentation mentions that empty collection names, or collection names containing a "$" are not allowed, so commands like the following should probably error instead of returning no results:

db.runCommand({aggregate: "$foo", pipeline: []})
db["$a"].find() 
db["$a"].distinct("a")
db["$a"].count()

Original Description

http://docs.mongodb.org/manual/reference/limits/ mentions that collection names containing $ or being empty are not allowed. OTOH, aggregate takes them as argument without complaining. Aggregating over an invalid namespace should not be a legal operation, in my opinion.

Examples:

> var cursor = db.runCommand({aggregate: "$foo", pipeline: [], cursor : {batchSize: 50}})
> cursor
{
	"cursor" : {
		"id" : NumberLong(0),
		"ns" : "test.$foo",
		"firstBatch" : [ ]
	},
	"ok" : 1
}

> var cursor = db.runCommand({aggregate: "", pipeline: [], cursor : {batchSize: 50}})
> cursor
{
	"cursor" : {
		"id" : NumberLong(0),
		"ns" : "test.",
		"firstBatch" : [ ]
	},
	"ok" : 1
}



 Comments   
Comment by Asya Kamsky [ 03/Aug/20 ]

In 4.4.0 it is only a problem with aggregate command - all the other examples now return

Error: error: {
	"operationTime" : Timestamp(1596477762, 1),
	"ok" : 0,
	"errmsg" : "Invalid collection name specified 'test.$a",
	"code" : 73,
	"codeName" : "InvalidNamespace",
	"$clusterTime" : {
		"clusterTime" : Timestamp(1596477762, 1),
		"signature" : {
			"hash" : BinData(0,"AAAAAAAAAAAAAAAAAAAAAAAAAAA="),
			"keyId" : NumberLong(0)
		}
	}
}

Comment by Charlie Swanson [ 03/Feb/16 ]

I've updated the description to be more general, as this is not just a problem with aggregation.

Comment by Davide Italiano [ 21/Feb/14 ]

It may be consistent with the query system but I see an inconsistency in validation among all the field you can pass to the aggregation command.
"cursor" does all the types of checks (must contain only batch size, batch size should be a number etc...), for instance so I would expect that validation on ns is done as well.

Comment by Scott Hernandez (Inactive) [ 21/Feb/14 ]

This is not really an aggregation issue. We do the same with queries and pretty much everything:

> db["$a"].find()
> 
> db["$a"].distinct("a")
[ ]
> db["$a"].count()
0
> db["$a"].count({c:1})
0

If we want to change them all, great, otherwise this is really works as designed and is already consistent with our query system.

Generated at Thu Feb 08 03:29:41 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.