-
Type: Task
-
Resolution: Works as Designed
-
Priority: Unknown
-
None
-
Affects Version/s: 1.7.0
-
Component/s: None
-
None
-
Not Needed
55f2ee0 for MONGOCRYPT-468 added the following assertion for the size_t len parameter in kms_request_append_payload():
KMS_ASSERT (len <= SSIZE_MAX);
When building an application with both libmongoc and libmongocrypt, it's possible that the libmongocrypt KMS package will be used instead of the libmongoc version. This is the case with the PHP driver when compiling with bundled sources.
In such a build configuration, the assertion logic breaks MONGODB-AWS auth code that invokes kms_request_append_payload() with len = -1, which is intended to defer to calling strlen().
- related to
-
CDRIVER-4694 Do not rely on kms_request_append_payload() to calculate payload length
- Closed
-
PHPC-1895 Add native support for AWS IAM Roles for service accounts, EKS in particular
- Closed
-
CDRIVER-4691 Sync KMS sources with libmongocrypt
- Closed