-
Type: Bug
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Replication
-
Fully Compatible
-
ALL
-
Platforms 2017-07-10
A few options in mongod_options.cpp (such as "replication.replSetName") call std::string.c_str() then passes the result to a function that takes a std::string. This appears to be unintentional, but has the impact of silently truncating the option at the first \0 byte. I don't think it is possible to pass embedded NUL bytes on the command line so it requires a config file. Example config file:
replication: replSetName: "Oh No\0!"
I see a few possible options:
- Remove the c_str() and start including the NUL byte. Maybe also add validation with allowed characters in replSet names.
- Error if there is a NUL byte.
- Decide this is intentional and add a comment explaining it. We should also look at arguments without a c_str() and decide if they should also truncate.
- Decide that no options in the config file should support NUL bytes and error in the main options parser logic.