diff options
author | Adam Midvidy <amidvidy@gmail.com> | 2015-06-16 18:21:50 -0400 |
---|---|---|
committer | Adam Midvidy <amidvidy@gmail.com> | 2015-06-17 19:16:11 -0400 |
commit | 3adb7b4cfd51e7519298bdb6a9a857ebb4904941 (patch) | |
tree | 4d0cf85adc1f5307335eeb37d2ec57b83db33f68 /src | |
parent | 4f525b4550a7c47438938c69459326390164018d (diff) | |
download | mongo-3adb7b4cfd51e7519298bdb6a9a857ebb4904941.tar.gz |
SERVER-18167 handle BSON Validation in OP_COMMAND
Diffstat (limited to 'src')
-rw-r--r-- | src/mongo/base/data_type_validated_test.cpp | 32 | ||||
-rw-r--r-- | src/mongo/bson/bson_validate.cpp | 8 | ||||
-rw-r--r-- | src/mongo/bson/bson_validate.h | 6 | ||||
-rw-r--r-- | src/mongo/rpc/SConscript | 9 | ||||
-rw-r--r-- | src/mongo/rpc/command_reply.cpp | 10 | ||||
-rw-r--r-- | src/mongo/rpc/command_request.cpp | 6 | ||||
-rw-r--r-- | src/mongo/rpc/document_range.cpp | 4 | ||||
-rw-r--r-- | src/mongo/rpc/object_check.cpp | 49 | ||||
-rw-r--r-- | src/mongo/rpc/object_check.h | 47 | ||||
-rw-r--r-- | src/mongo/rpc/object_check_test.cpp | 89 |
10 files changed, 202 insertions, 58 deletions
diff --git a/src/mongo/base/data_type_validated_test.cpp b/src/mongo/base/data_type_validated_test.cpp index 4eb2c5c9d16..2a42fe40c12 100644 --- a/src/mongo/base/data_type_validated_test.cpp +++ b/src/mongo/base/data_type_validated_test.cpp @@ -97,36 +97,4 @@ namespace { } } - TEST(DataTypeValidated, BSONValidation) { - - using std::begin; - - BSONObj valid = BSON("foo" << "bar"); - char buf[1024] = { 0 }; - std::copy(valid.objdata(), valid.objdata() + valid.objsize(), begin(buf)); - - { - Validated<BSONObj> v; - ConstDataRangeCursor cdrc(begin(buf), end(buf)); - ASSERT_OK(cdrc.readAndAdvance(&v)); - } - - { - // mess up the data - DataRangeCursor drc(begin(buf), end(buf)); - auto maxIntLE = LittleEndian<int>(std::numeric_limits<int>::max()); - - drc.writeAndAdvance(maxIntLE); - drc.writeAndAdvance(maxIntLE); - drc.writeAndAdvance(maxIntLE); - drc.writeAndAdvance(maxIntLE); - } - - { - Validated<BSONObj> v; - ConstDataRangeCursor cdrc(begin(buf), end(buf)); - ASSERT_NOT_OK(cdrc.readAndAdvance(&v)); - } - } - } // namespace diff --git a/src/mongo/bson/bson_validate.cpp b/src/mongo/bson/bson_validate.cpp index cc1f43ef1f5..428447d989a 100644 --- a/src/mongo/bson/bson_validate.cpp +++ b/src/mongo/bson/bson_validate.cpp @@ -383,12 +383,4 @@ namespace mongo { return validateBSONIterative( &buf ); } - Status Validator<BSONObj>::validateLoad(const char* ptr, size_t length) { - return validateBSON(ptr, length); - } - - Status Validator<BSONObj>::validateStore(const BSONObj& toStore) { - return Status::OK(); - } - } // namespace mongo diff --git a/src/mongo/bson/bson_validate.h b/src/mongo/bson/bson_validate.h index abf48c4e882..f9b6d557da1 100644 --- a/src/mongo/bson/bson_validate.h +++ b/src/mongo/bson/bson_validate.h @@ -29,7 +29,6 @@ #pragma once -#include "mongo/base/data_type_validated.h" #include "mongo/base/string_data.h" #include "mongo/bson/bsontypes.h" #include "mongo/platform/cstdint.h" @@ -45,9 +44,4 @@ namespace mongo { */ Status validateBSON( const char* buf, uint64_t maxLength ); - template<> struct Validator<BSONObj> { - static Status validateLoad(const char* ptr, size_t length); - static Status validateStore(const BSONObj& toStore); - }; - } // namespace mongo diff --git a/src/mongo/rpc/SConscript b/src/mongo/rpc/SConscript index b976ad2643d..d70a0f7d194 100644 --- a/src/mongo/rpc/SConscript +++ b/src/mongo/rpc/SConscript @@ -39,6 +39,7 @@ env.Library( ], source=[ 'factory.cpp', + 'object_check.cpp', ], LIBDEPS=[ 'command_reply', @@ -142,15 +143,15 @@ env.CppUnitTest( 'rpc_test', ], source=[ - 'command_reply_builder_test.cpp', 'command_reply_test.cpp', 'command_request_builder_test.cpp', 'command_request_test.cpp', + 'object_check_test.cpp', 'protocol_test.cpp', + 'command_reply_builder_test.cpp', ], LIBDEPS=[ - 'command_request', - 'command_reply', - 'protocol', + 'rpc', + '$BUILD_DIR/mongo/client/clientdriver' ], ) diff --git a/src/mongo/rpc/command_reply.cpp b/src/mongo/rpc/command_reply.cpp index 7782b3b4997..dc8e22d8b89 100644 --- a/src/mongo/rpc/command_reply.cpp +++ b/src/mongo/rpc/command_reply.cpp @@ -31,8 +31,11 @@ #include "mongo/rpc/command_reply.h" #include <tuple> +#include <utility> #include "mongo/base/data_range_cursor.h" +#include "mongo/base/data_type_validated.h" +#include "mongo/rpc/object_check.h" #include "mongo/util/net/message.h" namespace mongo { @@ -51,11 +54,8 @@ namespace rpc { const char* messageEnd = begin + length; ConstDataRangeCursor cur(begin, messageEnd); - // TODO(amidvidy): we don't currently handle BSON validation. - // we will eventually have to thread serverGlobalParams.objcheck through here - // similarly to DbMessage::nextJsObj - uassertStatusOK(cur.readAndAdvance<BSONObj>(&_metadata)); - uassertStatusOK(cur.readAndAdvance<BSONObj>(&_commandReply)); + _metadata = std::move(uassertStatusOK(cur.readAndAdvance<Validated<BSONObj>>()).val); + _commandReply = std::move(uassertStatusOK(cur.readAndAdvance<Validated<BSONObj>>()).val); _outputDocs = DocumentRange(cur.data(), messageEnd); } diff --git a/src/mongo/rpc/command_request.cpp b/src/mongo/rpc/command_request.cpp index f3006b73aa8..a6c73eeb389 100644 --- a/src/mongo/rpc/command_request.cpp +++ b/src/mongo/rpc/command_request.cpp @@ -36,7 +36,9 @@ #include "mongo/base/data_range_cursor.h" #include "mongo/base/data_type_string_data.h" #include "mongo/base/data_type_terminated.h" +#include "mongo/base/data_type_validated.h" #include "mongo/db/jsobj.h" +#include "mongo/rpc/object_check.h" #include "mongo/util/assert_util.h" #include "mongo/util/mongoutils/str.h" #include "mongo/util/net/message.h" @@ -82,8 +84,8 @@ namespace rpc { (_commandName.size() >= kMinCommandNameLength) && (_commandName.size() <= kMaxCommandNameLength)); - uassertStatusOK(cur.readAndAdvance<BSONObj>(&_metadata)); - uassertStatusOK(cur.readAndAdvance<BSONObj>(&_commandArgs)); + _metadata = std::move(uassertStatusOK(cur.readAndAdvance<Validated<BSONObj>>()).val); + _commandArgs = std::move(uassertStatusOK(cur.readAndAdvance<Validated<BSONObj>>()).val); _inputDocs = DocumentRange{cur.data(), messageEnd}; } diff --git a/src/mongo/rpc/document_range.cpp b/src/mongo/rpc/document_range.cpp index 115cd0f3ba8..56e5d8c1add 100644 --- a/src/mongo/rpc/document_range.cpp +++ b/src/mongo/rpc/document_range.cpp @@ -35,6 +35,8 @@ #include <tuple> #include <utility> +#include "mongo/base/data_type_validated.h" +#include "mongo/rpc/object_check.h" #include "mongo/util/assert_util.h" namespace mongo { @@ -87,7 +89,7 @@ namespace rpc { if (_cursor.length() == 0) { *this = const_iterator{}; } else { - uassertStatusOK(_cursor.readAndAdvance<BSONObj>(&_obj)); + _obj = std::move(uassertStatusOK(_cursor.readAndAdvance<Validated<BSONObj>>()).val); } return *this; } diff --git a/src/mongo/rpc/object_check.cpp b/src/mongo/rpc/object_check.cpp new file mode 100644 index 00000000000..988a98ed31b --- /dev/null +++ b/src/mongo/rpc/object_check.cpp @@ -0,0 +1,49 @@ +/** + * Copyright (C) 2015 MongoDB Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the GNU Affero General Public License in all respects for + * all of the code used other than as permitted herein. If you modify file(s) + * with this exception, you may extend this exception to your version of the + * file(s), but you are not obligated to do so. If you do not wish to do so, + * delete this exception statement from your version. If you delete this + * exception statement from all source files in the program, then also delete + * it in the license file. + */ + +#include "mongo/platform/basic.h" + +#include "mongo/rpc/object_check.h" + +#include "mongo/base/status.h" +#include "mongo/bson/bson_validate.h" +#include "mongo/db/jsobj.h" +#include "mongo/db/server_options.h" + + +namespace mongo { + + Status Validator<BSONObj>::validateLoad(const char* ptr, size_t length) { + return serverGlobalParams.objcheck ? validateBSON(ptr, length) : Status::OK(); + } + + Status Validator<BSONObj>::validateStore(const BSONObj& toStore) { + return Status::OK(); + } + +} // namespace mongo diff --git a/src/mongo/rpc/object_check.h b/src/mongo/rpc/object_check.h new file mode 100644 index 00000000000..9db3e6f0015 --- /dev/null +++ b/src/mongo/rpc/object_check.h @@ -0,0 +1,47 @@ +/** + * Copyright (C) 2015 MongoDB Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the GNU Affero General Public License in all respects for + * all of the code used other than as permitted herein. If you modify file(s) + * with this exception, you may extend this exception to your version of the + * file(s), but you are not obligated to do so. If you do not wish to do so, + * delete this exception statement from your version. If you delete this + * exception statement from all source files in the program, then also delete + * it in the license file. + */ + +#pragma once + +#include "mongo/base/data_type_validated.h" + +// We do not use the rpc namespace here so we can specialize Validator. +namespace mongo { + class BSONObj; + class Status; + + /** + * A validator for BSON objects. The implementation will validate the input object + * if validation is enabled, or return Status::OK() otherwise. + */ + template<> struct Validator<BSONObj> { + static Status validateLoad(const char* ptr, size_t length); + static Status validateStore(const BSONObj& toStore); + }; + +} // namespace mongo diff --git a/src/mongo/rpc/object_check_test.cpp b/src/mongo/rpc/object_check_test.cpp new file mode 100644 index 00000000000..30e1f739679 --- /dev/null +++ b/src/mongo/rpc/object_check_test.cpp @@ -0,0 +1,89 @@ +/** + * Copyright (C) 2015 MongoDB Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the GNU Affero General Public License in all respects + * for all of the code used other than as permitted herein. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you do not + * wish to do so, delete this exception statement from your version. If you + * delete this exception statement from all source files in the program, + * then also delete it in the license file. + */ + +#include "mongo/platform/basic.h" + +#include <iterator> + +#include "mongo/base/data_range_cursor.h" +#include "mongo/db/jsobj.h" +#include "mongo/db/server_options.h" +#include "mongo/rpc/object_check.h" +#include "mongo/unittest/unittest.h" +#include "mongo/util/scopeguard.h" + +namespace { + + using namespace mongo; + + TEST(DataTypeValidated, BSONValidationEnabled) { + + using std::swap; + + bool wasEnabled = serverGlobalParams.objcheck; + const auto setValidation = [&](bool enabled){ serverGlobalParams.objcheck = enabled; }; + ON_BLOCK_EXIT(setValidation, wasEnabled); + + using std::begin; + using std::end; + + BSONObj valid = BSON("baz" << "bar" << "garply" << BSON("foo" << "bar")); + char buf[1024] = { 0 }; + std::copy(valid.objdata(), valid.objdata() + valid.objsize(), begin(buf)); + { + Validated<BSONObj> v; + ConstDataRangeCursor cdrc(begin(buf), end(buf)); + ASSERT_OK(cdrc.readAndAdvance(&v)); + } + + { + // mess up the data + DataRangeCursor drc(begin(buf), end(buf)); + auto maxIntLE = LittleEndian<int>(std::numeric_limits<int>::max()); + + // skip past size so we don't trip any sanity checks. + drc.advance(4); // skip size + while (drc.writeAndAdvance(0xFF).isOK()) ; + } + + { + Validated<BSONObj> v; + ConstDataRangeCursor cdrc(begin(buf), end(buf)); + ASSERT_NOT_OK(cdrc.readAndAdvance(&v)); + } + + { + // disable validation + setValidation(false); + Validated<BSONObj> v; + ConstDataRangeCursor cdrc(begin(buf), end(buf)); + ASSERT_OK(cdrc.readAndAdvance(&v)); + } + } + +} |