SERVER-13517 Internal client validates BSON in all command responses and when reading from cursor in DBClientCursor

2 files changed, 10 insertions, 2 deletions

diff --git a/src/mongo/rpc/legacy_reply.cpp b/src/mongo/rpc/legacy_reply.cpp
index e9af23dee9e..572a96d2dd2 100644
--- a/src/mongo/rpc/legacy_reply.cpp
+++ b/src/mongo/rpc/legacy_reply.cpp
@@ -33,6 +33,7 @@
 #include <tuple>
 #include <utility>
 
+#include "mongo/bson/bson_validate.h"
 #include "mongo/rpc/legacy_reply_builder.h"
 #include "mongo/rpc/metadata.h"
 #include "mongo/util/assert_util.h"
@@ -67,6 +68,15 @@ LegacyReply::LegacyReply(const Message* message) : _message(std::move(message))
                           << qr.getStartingFrom(),
             qr.getStartingFrom() == 0);
 
+    if (serverGlobalParams.objcheck) {
+        uassert(ErrorCodes::InvalidBSON,
+                "Got legacy command reply with invalid BSON in the metadata field.",
+                validateBSON(qr.data(),
+                             qr.dataLen(),
+                             enableBSON1_1 ? BSONVersion::kV1_1 : BSONVersion::kV1_0)
+                    .isOK());
+    }
+
     std::tie(_commandReply, _metadata) =
         uassertStatusOK(rpc::upconvertReplyMetadata(BSONObj(qr.data())));
 
diff --git a/src/mongo/rpc/legacy_reply.h b/src/mongo/rpc/legacy_reply.h
index bfb366f1da2..7d3d222f59d 100644
--- a/src/mongo/rpc/legacy_reply.h
+++ b/src/mongo/rpc/legacy_reply.h
@@ -41,8 +41,6 @@ namespace rpc {
 
 /**
  * Immutable view of an OP_REPLY legacy-style command reply.
- *
- * TODO: BSON validation (SERVER-18167)
  */
 class LegacyReply : public ReplyInterface {
 public: