CDRIVER-700 unchecked errs from mongoc_uri_do_unescape

ajdavis · ajdavis · commit 8ca5db7aa7fa · 2015-06-09T16:09:35.000-04:00
diff --git a/src/mongoc/mongoc-uri.c b/src/mongoc/mongoc-uri.c
@@ -273,6 +273,12 @@ mongoc_uri_parse_host (mongoc_uri_t  *uri,
    }
 
    mongoc_uri_do_unescape(&hostname);
+   if (!hostname) {
+      /* invalid */
+      bson_free (hostname);
+      return false;
+   }
+
    mongoc_uri_append_host(uri, hostname, port);
    bson_free(hostname);
 
@@ -400,6 +406,10 @@ mongoc_uri_parse_database (mongoc_uri_t  *uri,
    }
 
    mongoc_uri_do_unescape(&uri->database);
+   if (!uri->database) {
+      /* invalid */
+      return false;
+   }
 
    return true;
 }
@@ -489,6 +499,10 @@ mongoc_uri_parse_option (mongoc_uri_t *uri,
 
    value = bson_strdup(end_key + 1);
    mongoc_uri_do_unescape(&value);
+   if (!value) {
+      /* do_unescape detected invalid UTF-8 and freed value */
+      return false;
+   }
 
    if (!strcasecmp(key, "connecttimeoutms") ||
        !strcasecmp(key, "sockettimeoutms") ||
diff --git a/tests/test-mongoc-uri.c b/tests/test-mongoc-uri.c
@@ -6,6 +6,12 @@
 
 #include "test-libmongoc.h"
 
+#define ASSERT_SUPPRESS(x) \
+   do { \
+      suppress_one_message (); \
+      ASSERT (x); \
+   } while (0)
+
 static void
 test_mongoc_uri_new (void)
 {
@@ -19,6 +25,22 @@ test_mongoc_uri_new (void)
 
    /* bad uris */
    ASSERT(!mongoc_uri_new("mongodb://"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://\x80"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://localhost/\x80"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://localhost:\x80/"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://localhost/?ipv6=\x80"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://localhost/?foo=\x80"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://localhost/?\x80=bar"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://\x80:pass@localhost"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://user:\x80@localhost"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://user%40DOMAIN.COM:password@localhost/?"
+                                   "authMechanism=\x80"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://user%40DOMAIN.COM:password@localhost/?"
+                                   "authMechanism=GSSAPI"
+                                   "&authMechanismProperties=SERVICE_NAME:\x80"));
+   ASSERT_SUPPRESS(!mongoc_uri_new("mongodb://user%40DOMAIN.COM:password@localhost/?"
+                                   "authMechanism=GSSAPI"
+                                   "&authMechanismProperties=\x80:mongodb"));
    ASSERT(!mongoc_uri_new("mongodb://::"));
    ASSERT(!mongoc_uri_new("mongodb://localhost::27017"));
    ASSERT(!mongoc_uri_new("mongodb://localhost,localhost::"));
@@ -347,6 +369,8 @@ test_mongoc_uri_new (void)
    mongoc_uri_destroy(uri);
 }
 
+#undef ASSERT_SUPPRESS
+
 static void
 test_mongoc_host_list_from_string (void)
 {
