[SERVER-68157] AuditEncryptionCompressionManager::encryptAndEncode should emit big BSON Created: 19/Jul/22  Updated: 29/Oct/23  Resolved: 25/Aug/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 6.0.3

Type: Bug Priority: Major - P3
Reporter: Spencer Jackson Assignee: Adam Rayner
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v6.1, v6.0
Sprint: Security 2022-08-08, Security 2022-08-22, Security 2022-09-05
Participants:

 Description   

BSON objects rendered into the audit log are permitted to exceed the 16MB size threshold. This requirement arises from the need to audit network requests which can exceed the object size. In order to override BSON size limits, template trait overrides can be passed to key serialization methods.

AuditEncryptionCompressionManager::encryptAndEncode invokes BSONObjBuilder::obj without providing a trait. That means, we may attempt to encrypt big inputs, but enforce the 16MB limit on the size of the ciphertext.



 Comments   
Comment by Githook User [ 05/Oct/22 ]

Author:

{'name': 'Adam Rayner', 'email': 'adam.rayner@gmail.com'}

Message: SERVER-68157: Add LargeSizeTrait to AuditEncryptionCompressionManager::encryptAndEncode
Branch: v6.0
https://github.com/10gen/mongo-enterprise-modules/commit/1c9ffb9153f82fe471f89aea63e28d1b9779b431

Comment by Githook User [ 05/Oct/22 ]

Author:

{'name': 'Adam Rayner', 'email': 'adam.rayner@gmail.com'}

Message: SERVER-68157: Add LargeSizeTrait to AuditEncryptionCompressionManager::encryptAndEncode
Branch: v6.1
https://github.com/10gen/mongo-enterprise-modules/commit/5072c236ea858753aed0bcb4511f8f922fe011e9

Generated at Thu Feb 08 06:10:03 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.