authorrahuldhodapkar <rahul.m.dhodapkar@gmail.com>2016-01-06 13:34:23 +0100
committerrahuldhodapkar <rahul.m.dhodapkar@gmail.com>2016-01-13 10:43:12 -0500
commitf8f5dab11c2ed931add8d34e5e5dcc666e1ed5c8 (patch)
treed366296cd01b0aecef590c2d4f94e031425f8883
parent1d26b77d115eb39f03dffbdbaccf10e696cd4fe3 (diff)
downloadmongo-f8f5dab11c2ed931add8d34e5e5dcc666e1ed5c8.tar.gz
SERVER-20358 prevent creation of users containing NULL characters
(cherry picked from commit 6a46a7c34222329972b6c6b0fae70bc6cd72c2fa)
-rw-r--r--jstests/auth/user_management_commands_edge_cases.js6
-rw-r--r--src/mongo/db/auth/user_management_commands_parser.cpp3
2 files changed, 9 insertions, 0 deletions
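--- a/jstests/auth/user_management_commands_edge_cases.js
+++ b/jstests/auth/user_management_commands_edge_cases.js
@@ -62,6 +62,12 @@ function runTest(conn) {
 db.createUser({user: 'user2', pwd: 'pwd', roles: [{role: '',
 db: 'test'}]});
 });
+ assert.throws(function() {
+ db.createUser({user: 'null\u0000char', pwd: 'pwd', roles: []});
+ });
+ assert.throws(function() {
+ db.createUser({user: 'null\0char', pwd: 'pwd', roles: []});
+ });
 // Regression test for SERVER-17125
 assert.throws(function() {
 db.getSiblingDB('$external').createUser({user: '', roles: []});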
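Review bot: The two added assert.throws blocks exercise the same input, because `'null\u0000char'` and `'null\0char'` are identical JavaScript strings (both contain a single U+0000 code unit), so the second case adds no coverage. Either keep one of them or make the second case differ in a way that matters, for example a NUL at the start or end of the name such as `'\0user'` or `'user\0'`, which checks that the rejection does not depend on where the NUL sits. A comment naming the ticket, in the style of the `// Regression test for SERVER-17125` line below, would help future readers: `// Regression test for SERVER-20358: usernames containing NUL characters must be rejected`. Only createUser is exercised here; whether updateUser or role names submitted in the same command get the same check is not visible in this hunk. runTest's body starts and ends outside the hunk.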
diff --git a/src/mongo/db/auth/user_management_commands_parser.cpp b/src/mongo/db/auth/user_management_commands_parser.cpp
index fe5136f8f07..3ac8b13352e 100644
--- a/src/mongo/db/auth/user_management_commands_parser.cpp
+++ b/src/mongo/db/auth/user_management_commands_parser.cpp
@@ -232,6 +232,9 @@ Status parseCreateOrUpdateUserCommands(const BSONObj& cmdObj,
if (!status.isOK()) {
return status;
}
+ if (userName.find('\0') != std::string::npos) {
+ return Status(ErrorCodes::BadValue, "Username cannot contain NULL characters");
+ }
parsedArgs->userName = UserName(userName, dbname);