<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:13:29 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-1876] libbson doesn&apos;t validate length inside binary subtype 0x02</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-1876</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;Deprecated subtype 0x02 includes a redundant length inside the binary payload.  libbson doesn&apos;t validate this length and just skips over it.&lt;/p&gt;

&lt;p&gt;&lt;tt&gt;_bson_iter_next_internal&lt;/tt&gt; does validate that subtype 0x02 has at least 4 bytes for the inner length.  It should validate that the inner length is consistent with the binary envelope as well.&lt;/p&gt;</description>
                <environment></environment>
        <key id="326055">CDRIVER-1876</key>
            <summary>libbson doesn&apos;t validate length inside binary subtype 0x02</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="backlog-c-driver">Backlog - C Driver Team</assignee>
                                    <reporter username="david.golden@mongodb.com">David Golden</reporter>
                        <labels>
                    </labels>
                <created>Sat, 22 Oct 2016 18:09:28 +0000</created>
                <updated>Thu, 5 Jan 2017 10:18:12 +0000</updated>
                            <resolved>Thu, 5 Jan 2017 10:17:55 +0000</resolved>
                                                    <fixVersion>1.6.0</fixVersion>
                                    <component>libbson</component>
                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="1469959" author="xgen-internal-githook" created="Thu, 5 Jan 2017 10:18:12 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;ajdavis&apos;, u&apos;name&apos;: u&apos;A. Jesse Jiryu Davis&apos;, u&apos;email&apos;: u&apos;jesse@mongodb.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-1876&quot; title=&quot;libbson doesn&amp;#39;t validate length inside binary subtype 0x02&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-1876&quot;&gt;&lt;del&gt;CDRIVER-1876&lt;/del&gt;&lt;/a&gt; extra validation for binary type 2&lt;/p&gt;

&lt;p&gt;The deprecated binary subtype 2 has a redundant length prefix at the&lt;br/&gt;
start of the data, check it agrees with the total BSON element length.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/libbson/commit/1af72f285e8c7aafe2dfa1eb4030a66ee7f077b9&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/libbson/commit/1af72f285e8c7aafe2dfa1eb4030a66ee7f077b9&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="342582">CDRIVER-1977</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hsr3uv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="1481">C Driver 2017 1 - Jan 20, 2017</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>