diff options
author | Davis Haupt <davis.haupt@mongodb.com> | 2019-06-19 10:26:17 -0400 |
---|---|---|
committer | Davis Haupt <davis.haupt@mongodb.com> | 2019-06-21 16:27:10 -0400 |
commit | fdedc9902c471e73ff2b8d9251772344df8bcf58 (patch) | |
tree | 6bfe6647e897cb60af019d5dc3713c54705b8d80 /src/mongo/db/pipeline | |
parent | 9c2607a338b38f0b76d736202f1b97a1cd1020d8 (diff) | |
download | mongo-fdedc9902c471e73ff2b8d9251772344df8bcf58.tar.gz |
SERVER-41164 stop documents from leaking into unrelated changestreams when regex control characters are in db name
Diffstat (limited to 'src/mongo/db/pipeline')
-rw-r--r-- | src/mongo/db/pipeline/document_source_change_stream.cpp | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/src/mongo/db/pipeline/document_source_change_stream.cpp b/src/mongo/db/pipeline/document_source_change_stream.cpp index 20c146a73ca..b9225fbe8cf 100644 --- a/src/mongo/db/pipeline/document_source_change_stream.cpp +++ b/src/mongo/db/pipeline/document_source_change_stream.cpp @@ -214,15 +214,27 @@ DocumentSourceChangeStream::ChangeStreamType DocumentSourceChangeStream::getChan } std::string DocumentSourceChangeStream::getNsRegexForChangeStream(const NamespaceString& nss) { + auto regexEscape = [](const std::string& source) { + std::string result = ""; + std::string escapes = "*+|()^?[]./\\$"; + for (const char& c : source) { + if (escapes.find(c) != std::string::npos) { + result.append("\\"); + } + result += c; + } + return result; + }; + auto type = getChangeStreamType(nss); switch (type) { case ChangeStreamType::kSingleCollection: // Match the target namespace exactly. - return "^" + nss.ns() + "$"; + return "^" + regexEscape(nss.ns()) + "$"; case ChangeStreamType::kSingleDatabase: // Match all namespaces that start with db name, followed by ".", then NOT followed by // '$' or 'system.' - return "^" + nss.db() + "\\." + kRegexAllCollections; + return "^" + regexEscape(nss.db().toString()) + "\\." + kRegexAllCollections; case ChangeStreamType::kAllChangesForCluster: // Match all namespaces that start with any db name other than admin, config, or local, // followed by ".", then NOT followed by '$' or 'system.'. |