[SERVER-14398] validateBSON() should reject Arrays whose field names do not match the BSON spec. Created: 30/Jun/14  Updated: 10/May/22

Status: Backlog
Project: Core Server
Component/s: Networking
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Alexander Komyagin Assignee: DO NOT USE - Backlog - Platform Team
Resolution: Unresolved Votes: 0
Labels: move-sa, platforms-re-triaged
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Backwards Compatibility: Minor Change
Operating System: ALL
Participants:

 Description   

At least C driver under some uses constructs arrays without the field names. We should not silently fail, but rather reject the input.

The BSON Spec is ambiguous, but what it's supposed to say is that a BSON array is encoded like an object, where the field name of each element is the UTF-8 string of the base-10 encoding of the element's position in the array. The first element has field name "0", the second "1", the eleventh "10", and so on.

The validateBSON() method is used by the server in standard operation to validate the incoming BSON adheres to the spec, and we should extend its implementation to also validate array field names.



 Comments   
Comment by Steven Vannelli [ 10/May/22 ]

Moving this ticket to the Backlog and removing the "Backlog" fixVersion as per our latest policy for using fixVersions.

Generated at Thu Feb 08 03:34:43 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.