Uploaded image for project: 'Libmongocrypt'
  1. Libmongocrypt
  2. MONGOCRYPT-581

Allow passing negative len to kms_request_append_payload() for strlen() calculation

    • Type: Icon: Task Task
    • Resolution: Works as Designed
    • Priority: Icon: Unknown Unknown
    • None
    • Affects Version/s: 1.7.0
    • Component/s: None
    • None
    • Not Needed

      55f2ee0 for MONGOCRYPT-468 added the following assertion for the size_t len parameter in kms_request_append_payload():

      KMS_ASSERT (len <= SSIZE_MAX);
      

      When building an application with both libmongoc and libmongocrypt, it's possible that the libmongocrypt KMS package will be used instead of the libmongoc version. This is the case with the PHP driver when compiling with bundled sources.

      In such a build configuration, the assertion logic breaks MONGODB-AWS auth code that invokes kms_request_append_payload() with len = -1, which is intended to defer to calling strlen().

            Assignee:
            kevin.albertson@mongodb.com Kevin Albertson
            Reporter:
            jmikola@mongodb.com Jeremy Mikola
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: