[SERVER-35137] Unsanitary sasl vsnprintf calls Created: 21/May/18 Updated: 29/Oct/23 Resolved: 22/May/18 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Internal Code |
| Affects Version/s: | None |
| Fix Version/s: | 4.1.1 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Billy Donahue | Assignee: | Billy Donahue |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Operating System: | ALL |
| Participants: |
| Description |
|
This is a classic syslog "%s" error. We should just pretty much always use "%s" format and then the string we want to log as the next argument, just to make it less tempting for a % sign to creep into the format strings under maintenance.

```
src/mongo/db/modules/mongo-enterprise-modules/src/sasl/canon_mongodb_internal.cpp:78:41: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
```

These get it right:

```
src/mongo/client/sasl_sspi.cpp:97: utils->seterror(utils->conn, 0, "%s", buffer.c_str());
```

The rest get it sort of wrong:

```
src/sasl/canon_mongodb_internal.cpp:62: utils->seterror(utils->conn, 0, "All-whitespace username.");
```
|
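The difference between the two call patterns in the description, as an added example that is not part of the ticket or the MongoDB source. `set_error`, `conversions_in` and the two `render_*` helpers are hypothetical names standing in for a printf-style setter like `utils->seterror`, and the message strings are constructed samples.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style error setter such as
 * utils->seterror(conn, flags, fmt, ...). GCC and Clang apply
 * -Wformat-security only to functions declared with the printf format
 * attribute; it is left off here so the message-as-format call compiles. */
static void set_error(char *out, size_t n, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, n, fmt, ap);
    va_end(ap);
}

/* Count '%' characters that do not start a literal "%%". Each one would
 * make the formatter read a variadic argument that was never passed. */
static int conversions_in(const char *s) {
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        count++;
    }
    return count;
}

/* Message used as the format string. Refuses input with live conversions,
 * because formatting it with no arguments is undefined behaviour. */
static const char *render_as_format(char *out, size_t n, const char *msg) {
    if (conversions_in(msg) != 0) { snprintf(out, n, "<refused>"); return out; }
    set_error(out, n, msg);
    return out;
}

/* Message passed as data behind a constant "%s" format. */
static const char *render_as_argument(char *out, size_t n, const char *msg) {
    set_error(out, n, "%s", msg);
    return out;
}

int main(void) {
    const char *sample = "rate 100%% ok";   /* constructed sample message */
    char a[64], b[64];
    printf("as format:   %s\n", render_as_format(a, sizeof a, sample));
    printf("as argument: %s\n", render_as_argument(b, sizeof b, sample));
    return 0;
}
```

Even a message with no live conversions comes out different when it is used as the format, which is why a constant `"%s"` is the form that stays correct when the message text is later edited.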
| Comments |
| Comment by Githook User [ 22/May/18 ] |
|
Author: {'username': 'BillyDonahue', 'name': 'Billy Donahue', 'email': 'billy.donahue@mongodb.com'}Message: |
| Comment by Githook User [ 22/May/18 ] |
|
Author: {'username': 'BillyDonahue', 'name': 'Billy Donahue', 'email': 'billy.donahue@mongodb.com'}Message: |