[SERVER-17278] BSON BinData validation enforcement
Created: 13/Feb/15  Updated: 18/Sep/15  Resolved: 13/Feb/15

Status: Closed
Project: Core Server
Component/s: Security, Stability
Affects Version/s: 3.0.0-rc8
Fix Version/s: 2.4.13, 2.6.8, 3.0.0-rc9, 3.1.0

Type: Bug
Priority: Major - P3
Reporter: Andreas Nilsson
Assignee: Spencer Jackson
Resolution: Done
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Completed:
Sprint: Security [00-02-20-15]
Participants:

 Description   
Issue Status as of Feb 17, 2015

ISSUE SUMMARY
The mongod server fails to validate some cases of malformed BSON.

USER IMPACT
Upon receiving a specially crafted, malformed BSON message, the thread serving the connection may go into an infinite loop, which may result in a loss of availability.

WORKAROUNDS
There are no workarounds. Users may reduce their exposure by limiting network access to the server. See the MongoDB Security documentation page for more information on recommended security practices for your MongoDB deployment.

AFFECTED VERSIONS
All MongoDB production releases up to 2.6.7 are affected by this issue.

FIX VERSION
The fix is included in the 2.4.13 and 2.6.8 production releases.

RESOLUTION DETAILS
Reject malformed BSON data.
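
The ticket does not show the patch. As an added illustration (not MongoDB's code), the check below enforces a BinData length against the binary layout in the public BSON spec (int32 length, subtype byte, payload); `validateBinData`, `BinDataStatus` and the sample buffers are hypothetical names and constructed values.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Read a little-endian int32 (BSON integers are little-endian).
static int32_t readInt32LE(const uint8_t* p) {
    uint32_t v = uint32_t(p[0]) | uint32_t(p[1]) << 8 |
                 uint32_t(p[2]) << 16 | uint32_t(p[3]) << 24;
    int32_t out;
    std::memcpy(&out, &v, sizeof out);
    return out;
}

enum class BinDataStatus { Ok, Truncated, NegativeLength, LengthOverrun, BadOldBinary };

// Hypothetical helper: `value` points at the value of a BSON binary element
// (just past the element name); `remaining` is the bytes left in the document.
// On Ok, *consumed is the size of the whole value: int32 length + subtype + payload,
// so a caller's cursor always moves forward and stays inside the buffer.
BinDataStatus validateBinData(const uint8_t* value, size_t remaining, size_t* consumed) {
    const size_t kHeader = 5;  // int32 length + 1 subtype byte
    if (remaining < kHeader) return BinDataStatus::Truncated;
    int32_t len = readInt32LE(value);
    if (len < 0) return BinDataStatus::NegativeLength;
    if (size_t(len) > remaining - kHeader) return BinDataStatus::LengthOverrun;
    if (value[4] == 0x02) {  // old binary subtype: payload is itself int32 + bytes
        if (len < 4 || readInt32LE(value + kHeader) != len - 4)
            return BinDataStatus::BadOldBinary;
    }
    *consumed = kHeader + size_t(len);
    return BinDataStatus::Ok;
}

// Constructed sample values (not taken from the ticket).
const uint8_t kGood[]     = {3, 0, 0, 0, 0x00, 'a', 'b', 'c'};
const uint8_t kNegative[] = {0xFB, 0xFF, 0xFF, 0xFF, 0x00};            // length = -5
const uint8_t kOverrun[]  = {9, 0, 0, 0, 0x00, 'a', 'b', 'c'};         // claims 9, has 3
const uint8_t kOldBad[]   = {6, 0, 0, 0, 0x02, 7, 0, 0, 0, 'x', 'y'};  // inner 7 != 2
```
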



 Comments   
Comment by Githook User [ 17/Feb/15 ]

Author: Spencer Jackson (spencerjackson) <spencer.jackson@mongodb.com>

Message: SERVER-17278: Enforce BSON BinData length

(cherry picked from commit 8ef2743189617343c5c4888aca34a9886d21e783)

Conflicts:
src/mongo/bson/bson_validate.cpp
Branch: v2.4
https://github.com/mongodb/mongo/commit/04c33a8e1f97542f92c34432a2871fa7e359a342

Comment by Githook User [ 15/Feb/15 ]

Author: Spencer Jackson (spencerjackson) <spencer.jackson@mongodb.com>

Message: SERVER-17278: Enforce BSON BinData length

(cherry picked from commit 8ef2743189617343c5c4888aca34a9886d21e783)
Branch: v3.0
https://github.com/mongodb/mongo/commit/ac7d4eac9eb895886086eb6f0b763147ec7f3b90

Comment by Githook User [ 13/Feb/15 ]

Author: Spencer Jackson (spencerjackson) <spencer.jackson@mongodb.com>

Message: SERVER-17278: Enforce BSON BinData length

(cherry picked from commit 8ef2743189617343c5c4888aca34a9886d21e783)
Branch: v2.6
https://github.com/mongodb/mongo/commit/a5408edceb0e6b571bdd634afcf9bc5ee94e29c3

Comment by Githook User [ 13/Feb/15 ]

Author: Spencer Jackson (spencerjackson) <spencer.jackson@mongodb.com>

Message: SERVER-17278: Enforce BSON BinData length
Branch: master
https://github.com/mongodb/mongo/commit/8ef2743189617343c5c4888aca34a9886d21e783
