JAVA-1900: Ensure that BSON binary values of subtype 3 or 4 (UUID_LEGACY and UUID_STANDARD) can be decoded even if they have an unexpected size.

jyemin · jyemin · commit 8799770704ad · 2016-09-22T08:46:44.000-04:00
BSON binary representations of UUID should be 16 bytes, but the server doesn't enforce that constraint.  Rather than throw an exception when decoding a
   UUID value with length other than 16, the driver should instead decode it to an instance of org.bson.Binary rather than the expected java.util.UUID.

  This way, clients expecting a UUID instance will still fail if casting to UUID, but at least they have the ability to control this behavior by doing type tests.
  And clients that don't care one way or the other will continue to function in the face of bad data.
diff --git a/bson/src/main/org/bson/AbstractBsonReader.java b/bson/src/main/org/bson/AbstractBsonReader.java
@@ -120,6 +120,14 @@ protected boolean isClosed() {
      */
     protected abstract byte doPeekBinarySubType();
 
+    /**
+     * Handles the logic to peek at the binary size.
+     *
+     * @return the binary size
+     * @since 3.4
+     */
+    protected abstract int doPeekBinarySize();
+
     /**
      * Handles the logic to read booleans
      *
@@ -283,6 +291,12 @@ public byte peekBinarySubType() {
         return doPeekBinarySubType();
     }
 
+    @Override
+    public int peekBinarySize() {
+        checkPreconditions("readBinaryData", BsonType.BINARY);
+        return doPeekBinarySize();
+    }
+
     @Override
     public boolean readBoolean() {
         checkPreconditions("readBoolean", BsonType.BOOLEAN);
diff --git a/bson/src/main/org/bson/BsonBinaryReader.java b/bson/src/main/org/bson/BsonBinaryReader.java
@@ -153,6 +153,14 @@ protected byte doPeekBinarySubType() {
         return type;
     }
 
+    @Override
+    protected int doPeekBinarySize() {
+        mark();
+        int size = readSize();
+        reset();
+        return size;
+    }
+
     @Override
     protected boolean doReadBoolean() {
         byte booleanByte = bsonInput.readByte();
diff --git a/bson/src/main/org/bson/BsonBinarySubType.java b/bson/src/main/org/bson/BsonBinarySubType.java
@@ -59,6 +59,17 @@ public enum BsonBinarySubType {
 
     private final byte value;
 
+    /**
+     * Returns true if the given value is a UUID subtype
+     *
+     * @param value the subtype value as a byte
+     * @return true if value is a UUID subtype
+     * @since 3.4
+     */
+    public static boolean isUuid(final byte value) {
+        return value == UUID_LEGACY.getValue() || value == UUID_STANDARD.getValue();
+    }
+
     BsonBinarySubType(final byte value) {
         this.value = value;
     }
@@ -71,5 +82,4 @@ public enum BsonBinarySubType {
     public byte getValue() {
         return value;
     }
-
 }
diff --git a/bson/src/main/org/bson/BsonDocumentReader.java b/bson/src/main/org/bson/BsonDocumentReader.java
@@ -58,6 +58,11 @@ protected byte doPeekBinarySubType() {
         return currentValue.asBinary().getType();
     }
 
+    @Override
+    protected int doPeekBinarySize() {
+        return currentValue.asBinary().getData().length;
+    }
+
     @Override
     protected boolean doReadBoolean() {
         return currentValue.asBoolean().getValue();
diff --git a/bson/src/main/org/bson/BsonReader.java b/bson/src/main/org/bson/BsonReader.java
@@ -52,6 +52,15 @@ public interface BsonReader {
      */
     byte peekBinarySubType();
 
+    /**
+     * Peeks the size of the binary data that the reader is positioned at.  This operation is not permitted if the mark is already set.
+     *
+     * @return the size of the binary data
+     * @see #mark()
+     * @since 3.4
+     */
+    int peekBinarySize();
+
     /**
      * Reads a BSON Binary data element from the reader.
      *
diff --git a/bson/src/main/org/bson/codecs/DocumentCodec.java b/bson/src/main/org/bson/codecs/DocumentCodec.java
@@ -205,12 +205,9 @@ private Object readValue(final BsonReader reader, final DecoderContext decoderCo
             reader.readNull();
             return null;
         } else if (bsonType == BsonType.ARRAY) {
-           return readList(reader, decoderContext);
-        } else if (bsonType == BsonType.BINARY) {
-            byte bsonSubType = reader.peekBinarySubType();
-            if (bsonSubType == BsonBinarySubType.UUID_STANDARD.getValue() || bsonSubType == BsonBinarySubType.UUID_LEGACY.getValue()) {
-                return registry.get(UUID.class).decode(reader, decoderContext);
-            }
+            return readList(reader, decoderContext);
+        } else if (bsonType == BsonType.BINARY && BsonBinarySubType.isUuid(reader.peekBinarySubType()) && reader.peekBinarySize() == 16) {
+            return registry.get(UUID.class).decode(reader, decoderContext);
         }
         return valueTransformer.transform(bsonTypeCodecMap.get(bsonType).decode(reader, decoderContext));
     }
diff --git a/bson/src/main/org/bson/json/JsonReader.java b/bson/src/main/org/bson/json/JsonReader.java
@@ -86,6 +86,11 @@ protected byte doPeekBinarySubType() {
        return doReadBinaryData().getType();
     }
 
+    @Override
+    protected int doPeekBinarySize() {
+        return doReadBinaryData().getData().length;
+    }
+
     @Override
     protected boolean doReadBoolean() {
         return (Boolean) currentValue;
diff --git a/bson/src/test/unit/org/bson/BsonBinarySubTypeSpecification.groovy b/bson/src/test/unit/org/bson/BsonBinarySubTypeSpecification.groovy
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2016 MongoDB, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+package org.bson
+
+import spock.lang.Specification
+
+class BsonBinarySubTypeSpecification extends Specification {
+
+    def 'should be uuid only for legacy and uuid types'() {
+        expect:
+        BsonBinarySubType.isUuid(value as byte) == isUuid
+
+        where:
+        value | isUuid
+        1     | false
+        2     | false
+        3     | true
+        4     | true
+        5     | false
+    }
+}
diff --git a/bson/src/test/unit/org/bson/LimitedLookaheadMarkSpecification.groovy b/bson/src/test/unit/org/bson/LimitedLookaheadMarkSpecification.groovy
@@ -242,7 +242,7 @@ class LimitedLookaheadMarkSpecification extends Specification {
         ]
     }
 
-    def 'should peek binary subtype'(BsonWriter writer) {
+    def 'should peek binary subtype and size'(BsonWriter writer) {
         given:
         writer.with {
             writeStartDocument()
@@ -265,12 +265,14 @@ class LimitedLookaheadMarkSpecification extends Specification {
         reader.readStartDocument()
         reader.readName()
         def subType = reader.peekBinarySubType()
+        def size = reader.peekBinarySize()
         def binary = reader.readBinaryData()
         def longValue = reader.readInt64('int64')
         reader.readEndDocument()
 
         then:
         subType == BsonBinarySubType.UUID_LEGACY.value
+        size == 16
         binary == new BsonBinary(BsonBinarySubType.UUID_LEGACY, new byte[16])
         longValue == 52L
 
diff --git a/bson/src/test/unit/org/bson/codecs/DocumentCodecSpecification.groovy b/bson/src/test/unit/org/bson/codecs/DocumentCodecSpecification.groovy
@@ -139,6 +139,25 @@ class DocumentCodecSpecification extends Specification {
         ]
     }
 
+    @SuppressWarnings(['LineLength'])
+    def 'should decode binary subtypes for UUID'() {
+        given:
+        def reader = new BsonBinaryReader(ByteBuffer.wrap(bytes as byte[]))
+
+        when:
+        def document = new DocumentCodec().decode(reader, DecoderContext.builder().build())
+
+        then:
+        value == document.get('f')
+
+        where:
+        value                                                   | bytes
+        new Binary((byte) 0x03, (byte[]) [115, 116, 11])        | [16, 0, 0, 0, 5, 102, 0, 3, 0, 0, 0, 3, 115, 116, 11, 0]
+        new Binary((byte) 0x04, (byte[]) [115, 116, 11])        | [16, 0, 0, 0, 5, 102, 0, 3, 0, 0, 0, 4, 115, 116, 11, 0]
+        UUID.fromString('08070605-0403-0201-100f-0e0d0c0b0a09') | [29, 0, 0, 0, 5, 102, 0, 16, 0, 0, 0, 3, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 0]
+        UUID.fromString('01020304-0506-0708-090a-0b0c0d0e0f10') | [29, 0, 0, 0, 5, 102, 0, 16, 0, 0, 0, 4, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 0]
+    }
+
     def 'should respect encodeIdFirst property in encoder context'() {
         given:
         def originalDocument = new Document('x', 2)
diff --git a/config/clirr-exclude.yml b/config/clirr-exclude.yml
@@ -8,13 +8,15 @@ packages:
 members:
   org.bson.AbstractBsonReader:
   - doReadDecimal128()
+  - doPeekBinarySize()
   org.bson.AbstractBsonWriter:
   - doWriteDecimal128(org.bson.types.Decimal128)
   org.bson.BsonNumber:
   - decimal128Value()
   org.bson.BsonReader:
   - readDecimal128()
   - readDecimal128(java.lang.String)
+  - peekBinarySize()
   org.bson.BsonWriter:
   - writeDecimal128(org.bson.types.Decimal128)
   - writeDecimal128(java.lang.String,org.bson.types.Decimal128)
diff --git a/driver/src/main/com/mongodb/DBObjectCodec.java b/driver/src/main/com/mongodb/DBObjectCodec.java
@@ -19,6 +19,7 @@
 import org.bson.BSON;
 import org.bson.BSONObject;
 import org.bson.BsonBinary;
+import org.bson.BsonBinarySubType;
 import org.bson.BsonDbPointer;
 import org.bson.BsonDocument;
 import org.bson.BsonDocumentWriter;
@@ -51,8 +52,6 @@
 import static com.mongodb.assertions.Assertions.notNull;
 import static org.bson.BsonBinarySubType.BINARY;
 import static org.bson.BsonBinarySubType.OLD_BINARY;
-import static org.bson.BsonBinarySubType.UUID_LEGACY;
-import static org.bson.BsonBinarySubType.UUID_STANDARD;
 
 /**
  * A collectible codec for a DBObject.
@@ -318,11 +317,11 @@ private Object readValue(final BsonReader reader, final DecoderContext decoderCo
     }
 
     private Object readBinary(final BsonReader reader, final DecoderContext decoderContext) {
-        byte bsonSubType = reader.peekBinarySubType();
+        byte bsonBinarySubType = reader.peekBinarySubType();
 
-        if (bsonSubType == UUID_STANDARD.getValue() || bsonSubType == UUID_LEGACY.getValue()) {
+        if (BsonBinarySubType.isUuid(bsonBinarySubType) && reader.peekBinarySize() == 16) {
             return codecRegistry.get(UUID.class).decode(reader, decoderContext);
-        } else if (bsonSubType == BINARY.getValue() || bsonSubType == OLD_BINARY.getValue()) {
+        } else if (bsonBinarySubType == BINARY.getValue() || bsonBinarySubType == OLD_BINARY.getValue()) {
             return codecRegistry.get(byte[].class).decode(reader, decoderContext);
         } else {
             return codecRegistry.get(Binary.class).decode(reader, decoderContext);
diff --git a/driver/src/main/org/bson/LazyBSONObject.java b/driver/src/main/org/bson/LazyBSONObject.java
@@ -16,6 +16,8 @@
 
 package org.bson;
 
+import org.bson.codecs.DecoderContext;
+import org.bson.codecs.UuidCodec;
 import org.bson.io.ByteBufferBsonInput;
 import org.bson.types.BSONTimestamp;
 import org.bson.types.Binary;
@@ -42,10 +44,10 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.UUID;
 import java.util.regex.Pattern;
 
-import static org.bson.io.Bits.readLong;
+import static org.bson.BsonBinarySubType.BINARY;
+import static org.bson.BsonBinarySubType.OLD_BINARY;
 
 /**
  * An immutable {@code BSONObject} backed by a byte buffer that lazily provides keys and values on request. This is useful for transferring
@@ -171,12 +173,13 @@ Object readValue(final BsonBinaryReader reader) {
             case STRING:
                 return reader.readString();
             case BINARY:
+                byte binarySubType = reader.peekBinarySubType();
+                if (BsonBinarySubType.isUuid(binarySubType) && reader.peekBinarySize() == 16) {
+                    return new UuidCodec().decode(reader, DecoderContext.builder().build());
+                }
                 BsonBinary binary = reader.readBinaryData();
-                byte binaryType = binary.getType();
-                if (binaryType == BsonBinarySubType.BINARY.getValue() || binaryType == BsonBinarySubType.OLD_BINARY.getValue()) {
+                if (binarySubType == BINARY.getValue() || binarySubType == OLD_BINARY.getValue()) {
                     return binary.getData();
-                } else if (binaryType == BsonBinarySubType.UUID_LEGACY.getValue()) {
-                    return new UUID(readLong(binary.getData(), 0), readLong(binary.getData(), 8));
                 } else {
                     return new Binary(binary.getType(), binary.getData());
                 }
diff --git a/driver/src/test/unit/com/mongodb/DBObjectCodecSpecification.groovy b/driver/src/test/unit/com/mongodb/DBObjectCodecSpecification.groovy
@@ -46,7 +46,7 @@ class DBObjectCodecSpecification extends Specification {
     def codecRegistry = fromProviders([new ValueCodecProvider(), new DBObjectCodecProvider(), new BsonValueCodecProvider()])
     def dbObjectCodec = new DBObjectCodec(codecRegistry)
 
-    def 'should encode and decode UUID as Binary'() {
+    def 'should encode and decode UUID as UUID'() {
         given:
         def uuid = UUID.fromString('01020304-0506-0708-090a-0b0c0d0e0f10')
         def doc = new BasicDBObject('uuid', uuid)
@@ -64,7 +64,25 @@ class DBObjectCodecSpecification extends Specification {
         decodedUuid.get('uuid') == uuid
     }
 
-    def 'should encode and decode UUID as Binary with alternate UUID Codec'() {
+    def 'should decode a malformed UUID binary as Binary'() {
+        given:
+        def doc = new BasicDBObject('uuid', malformedBinaryUuid)
+        dbObjectCodec.encode(new BsonDocumentWriter(bsonDoc), doc, EncoderContext.builder().build())
+
+        when:
+        def decodedMalformedUuid = dbObjectCodec.decode(new BsonDocumentReader(bsonDoc), DecoderContext.builder().build())
+
+        then:
+        decodedMalformedUuid.get('uuid') == malformedBinaryUuid
+
+        where:
+        malformedBinaryUuid << [new Binary(BsonBinarySubType.UUID_LEGACY,
+                [8, 7, 6, 5, 4, 3, 2, 1, 16, 15, 14, 13, 12, 11, 10, 9, 8] as byte[]),
+                                new Binary(BsonBinarySubType.UUID_STANDARD,
+                                        [8, 7, 6, 5, 4, 3, 2, 1, 16, 15, 14, 13, 12, 11, 10] as byte[])]
+    }
+
+    def 'should encode and decode UUID as UUID with alternate UUID Codec'() {
         given:
         def codecWithAlternateUUIDCodec = new DBObjectCodec(fromRegistries(fromCodecs(new UuidCodec(STANDARD)), codecRegistry))
         def uuid = UUID.fromString('01020304-0506-0708-090a-0b0c0d0e0f10')
diff --git a/driver/src/test/unit/org/bson/LazyBSONObjectSpecification.groovy b/driver/src/test/unit/org/bson/LazyBSONObjectSpecification.groovy
@@ -65,6 +65,10 @@ class LazyBSONObjectSpecification extends Specification {
         [1, 2, 3] as int[]                                                    | [34, 0, 0, 0, 4, 102, 0, 26, 0, 0, 0, 16, 48, 0, 1, 0, 0, 0, 16, 49, 0, 2, 0, 0, 0, 16, 50, 0, 3, 0, 0, 0, 0, 0]
         [[]]                                                                  | [21, 0, 0, 0, 4, 102, 0, 13, 0, 0, 0, 4, 48, 0, 5, 0, 0, 0, 0, 0, 0]
         new Binary((byte) 0x01, (byte[]) [115, 116, 11])                      | [16, 0, 0, 0, 5, 102, 0, 3, 0, 0, 0, 1, 115, 116, 11, 0]
+        new Binary((byte) 0x03, (byte[]) [115, 116, 11])                      | [16, 0, 0, 0, 5, 102, 0, 3, 0, 0, 0, 3, 115, 116, 11, 0]
+        new Binary((byte) 0x04, (byte[]) [115, 116, 11])                      | [16, 0, 0, 0, 5, 102, 0, 3, 0, 0, 0, 4, 115, 116, 11, 0]
+        UUID.fromString('08070605-0403-0201-100f-0e0d0c0b0a09')               | [29, 0, 0, 0, 5, 102, 0, 16, 0, 0, 0, 3, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 0]
+        UUID.fromString('01020304-0506-0708-090a-0b0c0d0e0f10')               | [29, 0, 0, 0, 5, 102, 0, 16, 0, 0, 0, 4, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 0]
         [13, 12] as byte[]                                                    | [15, 0, 0, 0, 5, 102, 0, 2, 0, 0, 0, 0, 13, 12, 0]
         [102, 111, 111] as byte[]                                             | [16, 0, 0, 0, 5, 102, 0, 3, 0, 0, 0, 0, 102, 111, 111, 0]
         new ObjectId('50d3332018c6a1d8d1662b61')                              | [20, 0, 0, 0, 7, 102, 0, 80, -45, 51, 32, 24, -58, -95, -40, -47, 102, 43, 97, 0]
