From 3adb7b4cfd51e7519298bdb6a9a857ebb4904941 Mon Sep 17 00:00:00 2001 From: Adam Midvidy Date: Tue, 16 Jun 2015 18:21:50 -0400 Subject: SERVER-18167 handle BSON Validation in OP_COMMAND --- src/mongo/rpc/object_check_test.cpp | 89 +++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 src/mongo/rpc/object_check_test.cpp (limited to 'src/mongo/rpc/object_check_test.cpp') diff --git a/src/mongo/rpc/object_check_test.cpp b/src/mongo/rpc/object_check_test.cpp new file mode 100644 index 00000000000..30e1f739679 --- /dev/null +++ b/src/mongo/rpc/object_check_test.cpp @@ -0,0 +1,89 @@ +/** + * Copyright (C) 2015 MongoDB Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + * As a special exception, the copyright holders give permission to link the + * code of portions of this program with the OpenSSL library under certain + * conditions as described in each individual source file and distribute + * linked combinations including the program with the OpenSSL library. You + * must comply with the GNU Affero General Public License in all respects + * for all of the code used other than as permitted herein. If you modify + * file(s) with this exception, you may extend this exception to your + * version of the file(s), but you are not obligated to do so. If you do not + * wish to do so, delete this exception statement from your version. If you + * delete this exception statement from all source files in the program, + * then also delete it in the license file. + */ + +#include "mongo/platform/basic.h" + +#include + +#include "mongo/base/data_range_cursor.h" +#include "mongo/db/jsobj.h" +#include "mongo/db/server_options.h" +#include "mongo/rpc/object_check.h" +#include "mongo/unittest/unittest.h" +#include "mongo/util/scopeguard.h" + +namespace { + + using namespace mongo; + + TEST(DataTypeValidated, BSONValidationEnabled) { + + using std::swap; + + bool wasEnabled = serverGlobalParams.objcheck; + const auto setValidation = [&](bool enabled){ serverGlobalParams.objcheck = enabled; }; + ON_BLOCK_EXIT(setValidation, wasEnabled); + + using std::begin; + using std::end; + + BSONObj valid = BSON("baz" << "bar" << "garply" << BSON("foo" << "bar")); + char buf[1024] = { 0 }; + std::copy(valid.objdata(), valid.objdata() + valid.objsize(), begin(buf)); + { + Validated v; + ConstDataRangeCursor cdrc(begin(buf), end(buf)); + ASSERT_OK(cdrc.readAndAdvance(&v)); + } + + { + // mess up the data + DataRangeCursor drc(begin(buf), end(buf)); + auto maxIntLE = LittleEndian(std::numeric_limits::max()); + + // skip past size so we don't trip any sanity checks. + drc.advance(4); // skip size + while (drc.writeAndAdvance(0xFF).isOK()) ; + } + + { + Validated v; + ConstDataRangeCursor cdrc(begin(buf), end(buf)); + ASSERT_NOT_OK(cdrc.readAndAdvance(&v)); + } + + { + // disable validation + setValidation(false); + Validated v; + ConstDataRangeCursor cdrc(begin(buf), end(buf)); + ASSERT_OK(cdrc.readAndAdvance(&v)); + } + } + +} -- cgit v1.2.1