[SERVER-32941] applyOps command inserts documents without ever calling fixDocumentForInsert() Created: 27/Jan/18  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Replication
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Max Hirschhorn Assignee: Backlog - Replication Team
Resolution: Unresolved Votes: 0
Labels: applyOps
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
related to SERVER-32952 applyOps does not validate updates Backlog
is related to SERVER-27096 applyOps should validate its ops to e... Backlog
Assigned Teams:
Replication
Operating System: ALL
Participants:
Linked BF Score: 15

 Description   

The applyOperation_inlock() function calls Collection::insertDocuments() directly. Since the "applyOps" command doesn't call the fixDocumentForInsert() function on its operations of type op='i' as part of its validation, this means (among other things) it is possible to insert documents with $-prefixed fields names, exceed the maximum depth for user storage, or use bad BSON types for the "_id" field.



 Comments   
Comment by Andy Schwerin [ 27/Jan/18 ]

This is as designed. Secondaries must take the primary at it's word. If we want validation, it would need to be in the applyOps command, but even that would be risky for mongorestore.

Generated at Thu Feb 08 04:31:46 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.