diff options
author | Spencer Jackson <spencer.jackson@mongodb.com> | 2016-05-17 11:49:16 -0400 |
---|---|---|
committer | Spencer Jackson <spencer.jackson@mongodb.com> | 2016-06-03 14:04:54 -0400 |
commit | 94b726920c165c88b32e31d191198db89a28686e (patch) | |
tree | 615ff14215123b6034ca38ad680fff38729d0e40 | |
parent | 8a3e35c1124b8d145bfc6073207f1d1b83db48c3 (diff) | |
download | mongo-94b726920c165c88b32e31d191198db89a28686e.tar.gz |
SERVER-20740: Check exceptions in SASL callbacks
-rw-r--r-- | src/mongo/client/cyrus_sasl_client_session.cpp | 71 |
1 files changed, 41 insertions, 30 deletions
diff --git a/src/mongo/client/cyrus_sasl_client_session.cpp b/src/mongo/client/cyrus_sasl_client_session.cpp index 7fe8896588c..503a41303ac 100644 --- a/src/mongo/client/cyrus_sasl_client_session.cpp +++ b/src/mongo/client/cyrus_sasl_client_session.cpp @@ -111,7 +111,7 @@ MONGO_INITIALIZER(CyrusSaslAllocatorsAndMutexes)(InitializerContext*) { return Status::OK(); } -int saslClientLogSwallow(void* context, int priority, const char* message) { +int saslClientLogSwallow(void* context, int priority, const char* message) throw() { return SASL_OK; // do nothing } @@ -157,27 +157,31 @@ MONGO_INITIALIZER_WITH_PREREQUISITES(CyrusSaslClientContext, * the same. These correspond to SASL_CB_AUTHNAME and SASL_CB_USER. */ int saslClientGetSimple(void* context, int id, const char** result, unsigned* resultLen) throw() { - CyrusSaslClientSession* session = static_cast<CyrusSaslClientSession*>(context); - if (!session || !result) - return SASL_BADPARAM; - - CyrusSaslClientSession::Parameter requiredParameterId; - switch (id) { - case SASL_CB_AUTHNAME: - case SASL_CB_USER: - requiredParameterId = CyrusSaslClientSession::parameterUser; - break; - default: + try { + CyrusSaslClientSession* session = static_cast<CyrusSaslClientSession*>(context); + if (!session || !result) + return SASL_BADPARAM; + + CyrusSaslClientSession::Parameter requiredParameterId; + switch (id) { + case SASL_CB_AUTHNAME: + case SASL_CB_USER: + requiredParameterId = CyrusSaslClientSession::parameterUser; + break; + default: + return SASL_FAIL; + } + + if (!session->hasParameter(requiredParameterId)) return SASL_FAIL; - } - - if (!session->hasParameter(requiredParameterId)) + StringData value = session->getParameter(requiredParameterId); + *result = value.rawData(); + if (resultLen) + *resultLen = static_cast<unsigned>(value.size()); + return SASL_OK; + } catch (...) { return SASL_FAIL; - StringData value = session->getParameter(requiredParameterId); - *result = value.rawData(); - if (resultLen) - *resultLen = static_cast<unsigned>(value.size()); - return SASL_OK; + } } /** @@ -188,18 +192,25 @@ int saslClientGetPassword(sasl_conn_t* conn, void* context, int id, sasl_secret_t** outSecret) throw() { - CyrusSaslClientSession* session = static_cast<CyrusSaslClientSession*>(context); - if (!session || !outSecret) - return SASL_BADPARAM; - - sasl_secret_t* secret = session->getPasswordAsSecret(); - if (secret == NULL) { - sasl_seterror(conn, 0, "No password data provided"); + try { + CyrusSaslClientSession* session = static_cast<CyrusSaslClientSession*>(context); + if (!session || !outSecret) + return SASL_BADPARAM; + + sasl_secret_t* secret = session->getPasswordAsSecret(); + if (secret == NULL) { + sasl_seterror(conn, 0, "No password data provided"); + return SASL_FAIL; + } + + *outSecret = secret; + return SASL_OK; + } catch (...) { + StringBuilder sb; + sb << "Caught unhandled exception in saslClientGetSimple: " << exceptionToStatus().reason(); + sasl_seterror(conn, 0, sb.str().c_str()); return SASL_FAIL; } - - *outSecret = secret; - return SASL_OK; } } // namespace |