[SERVER-65448] Fix validation of encrypted field paths during create collection Created: 11/Apr/22 Updated: 29/Oct/23 Resolved: 12/Apr/22 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 6.0.0-rc0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Erwin Pe | Assignee: | Erwin Pe |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Backwards Compatibility: | Fully Compatible |
| Operating System: | ALL |
| Sprint: | Security 2022-04-18 |
| Participants: |
| Description |
|
The validation in collection_options_validation.cpp of each encrypted field path in the encryptedFieldConfig rejects commands where a field name is a prefix of another (e.g. "foo" and "foobar"). However, it should be rejecting a field path only if it is a dotted prefix of another (e.g. "foo" and "foo.bar"). |
| Comments |
| Comment by Githook User [ 12/Apr/22 ] |
|
Author: {'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}Message: |