CDRIVER-3338 workaround CDRIVER-3340

- Decrypting an empty bson binary value aborts due to a libbson bug
mongodb · Aug 28, 2019 · 518f9a2 · 518f9a2
1 parent 9aac558
commit 518f9a2
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 0 deletions.
diff --git a/src/mongocrypt-buffer.c b/src/mongocrypt-buffer.c
@@ -310,6 +310,15 @@ _mongocrypt_buffer_to_bson_value (_mongocrypt_buffer_t *plaintext,
    bson_iter_init_find (&iter, &wrapper, "");
    bson_value_copy (bson_iter_value (&iter), out);
 
+   /* Due to an open libbson bug (CDRIVER-3340), give an empty
+      * binary payload a real address. TODO: remove this after
+      * CDRIVER-3340 is fixed. */
+   if (out->value_type == BSON_TYPE_BINARY &&
+       0 == out->value.v_binary.data_len) {
+      out->value.v_binary.data =
+         bson_malloc (1); /* Freed in bson_value_destroy */
+   }
+
    ret = true;
 fail:
    bson_free (data);

diff --git a/test/test-mongocrypt-ctx-decrypt.c b/test/test-mongocrypt-ctx-decrypt.c
@@ -162,6 +162,44 @@ _test_decrypt_empty_aws (_mongocrypt_tester_t *tester)
    mongocrypt_destroy (crypt);
 }
 
+static void
+_test_decrypt_empty_binary (_mongocrypt_tester_t *tester)
+{
+   mongocrypt_t *crypt;
+   mongocrypt_ctx_t *ctx;
+   mongocrypt_binary_t *bin;
+   _mongocrypt_buffer_t encrypted;
+
+   bin = mongocrypt_binary_new ();
+   crypt = _mongocrypt_tester_mongocrypt ();
+   ctx = mongocrypt_ctx_new (crypt);
+
+   /* Encrypt an empty binary value. */
+   mongocrypt_ctx_setopt_key_alt_name (
+      ctx, TEST_BSON ("{'keyAltName': 'keyDocumentName'}"));
+   mongocrypt_ctx_setopt_algorithm (
+      ctx, "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic", -1);
+   mongocrypt_ctx_explicit_encrypt_init (
+      ctx,
+      TEST_BSON ("{'v': { '$binary': { 'base64': '', 'subType': '00' } } }"));
+   _mongocrypt_tester_run_ctx_to (tester, ctx, MONGOCRYPT_CTX_READY);
+   mongocrypt_ctx_finalize (ctx, bin);
+   /* Copy the encrypted ciphertext since it is tied to the lifetime of ctx. */
+   _mongocrypt_buffer_copy_from_binary (&encrypted, bin);
+   mongocrypt_ctx_destroy (ctx);
+
+   /* Decrypt it back. */
+   ctx = mongocrypt_ctx_new (crypt);
+   mongocrypt_ctx_explicit_decrypt_init (
+      ctx, _mongocrypt_buffer_as_binary (&encrypted));
+   _mongocrypt_tester_run_ctx_to (tester, ctx, MONGOCRYPT_CTX_READY);
+   mongocrypt_ctx_finalize (ctx, bin);
+
+   mongocrypt_binary_destroy (bin);
+   mongocrypt_ctx_destroy (ctx);
+   _mongocrypt_buffer_cleanup (&encrypted);
+   mongocrypt_destroy (crypt);
+}
 
 void
 _mongocrypt_tester_install_ctx_decrypt (_mongocrypt_tester_t *tester)
@@ -171,4 +209,5 @@ _mongocrypt_tester_install_ctx_decrypt (_mongocrypt_tester_t *tester)
    INSTALL_TEST (_test_decrypt_need_keys);
    INSTALL_TEST (_test_decrypt_ready);
    INSTALL_TEST (_test_decrypt_empty_aws);
+   INSTALL_TEST (_test_decrypt_empty_binary);
 }