Connection String (#1467)

rozza · web-flow · commit da2ad6067de9 · 2024-08-07T17:20:10.000+01:00
Don't output the host and port information if the port is invalid. Reduces risk of leaking password information if the password has not been correctly urlencoded. JAVA-5560
diff --git a/driver-core/src/main/com/mongodb/ConnectionString.java b/driver-core/src/main/com/mongodb/ConnectionString.java
@@ -1209,7 +1209,7 @@ private List<String> parseHosts(final List<String> rawHosts) {
                 }
                 int idx = host.indexOf("]:");
                 if (idx != -1) {
-                    validatePort(host, host.substring(idx + 2));
+                    validatePort(host.substring(idx + 2));
                 }
             } else {
                 int colonCount = countOccurrences(host, ":");
@@ -1218,7 +1218,7 @@ private List<String> parseHosts(final List<String> rawHosts) {
                             + "Reserved characters such as ':' must be escaped according RFC 2396. "
                             + "Any IPv6 address literal must be enclosed in '[' and ']' according to RFC 2732.", host));
                 } else if (colonCount == 1) {
-                    validatePort(host, host.substring(host.indexOf(":") + 1));
+                    validatePort(host.substring(host.indexOf(":") + 1));
                 }
             }
             hosts.add(host);
@@ -1227,19 +1227,17 @@ private List<String> parseHosts(final List<String> rawHosts) {
         return hosts;
     }
 
-    private void validatePort(final String host, final String port) {
-        boolean invalidPort = false;
+    private void validatePort(final String port) {
         try {
             int portInt = Integer.parseInt(port);
             if (portInt <= 0 || portInt > 65535) {
-                invalidPort = true;
+                throw new IllegalArgumentException("The connection string contains an invalid host and port. "
+                        + "The port must be an integer between 0 and 65535.");
             }
         } catch (NumberFormatException e) {
-            invalidPort = true;
-        }
-        if (invalidPort) {
-            throw new IllegalArgumentException(format("The connection string contains an invalid host '%s'. "
-                    + "The port '%s' is not a valid, it must be an integer between 0 and 65535", host, port));
+            throw new IllegalArgumentException("The connection string contains an invalid host and port. "
+                    + "The port contains non-digit characters, it must be an integer between 0 and 65535. "
+                    + "Hint: username and password must be escaped according to RFC 3986.");
         }
     }
 
diff --git a/driver-core/src/test/unit/com/mongodb/ConnectionStringUnitTest.java b/driver-core/src/test/unit/com/mongodb/ConnectionStringUnitTest.java
@@ -19,6 +19,7 @@
 import com.mongodb.connection.ServerMonitoringMode;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.MethodSource;
 import org.junit.jupiter.params.provider.ValueSource;
 
 import java.io.UnsupportedEncodingException;
@@ -27,6 +28,7 @@
 
 import static org.junit.jupiter.api.Assertions.assertAll;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
@@ -92,4 +94,20 @@ void serverMonitoringMode() {
                         () -> new ConnectionString(DEFAULT_OPTIONS + "serverMonitoringMode=invalid"))
         );
     }
+
+
+    @ParameterizedTest
+    @ValueSource(strings = {"mongodb://foo:bar/@hostname/java?", "mongodb://foo:bar?@hostname/java/",
+                            "mongodb+srv://foo:bar/@hostname/java?", "mongodb+srv://foo:bar?@hostname/java/",
+                            "mongodb://foo:bar/@[::1]:27018", "mongodb://foo:bar?@[::1]:27018",
+                            "mongodb://foo:12345678/@hostname", "mongodb+srv://foo:12345678/@hostname",
+                            "mongodb://foo:12345678/@hostname", "mongodb+srv://foo:12345678/@hostname",
+                            "mongodb://foo:12345678%40hostname", "mongodb+srv://foo:12345678%40hostname",
+                            "mongodb://foo:12345678@bar@hostname", "mongodb+srv://foo:12345678@bar@hostname"
+    })
+    void unescapedPasswordsShouldNotBeLeakedInExceptionMessages(final String input) {
+        IllegalArgumentException exception = assertThrows(IllegalArgumentException.class, () -> new ConnectionString(input));
+        assertFalse(exception.getMessage().contains("bar"));
+        assertFalse(exception.getMessage().contains("12345678"));
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -1209,7 +1209,7 @@ private List<String> parseHosts(final List<String> rawHosts) {`
`1209`	`1209`	`}`
`1210`	`1210`	`int idx = host.indexOf("]:");`
`1211`	`1211`	`if (idx != -1) {`
`1212`		`- validatePort(host, host.substring(idx + 2));`
	`1212`	`+ validatePort(host.substring(idx + 2));`
`1213`	`1213`	`}`
`1214`	`1214`	`} else {`
`1215`	`1215`	`int colonCount = countOccurrences(host, ":");`
`@@ -1218,7 +1218,7 @@ private List<String> parseHosts(final List<String> rawHosts) {`
`1218`	`1218`	`+ "Reserved characters such as ':' must be escaped according RFC 2396. "`
`1219`	`1219`	`+ "Any IPv6 address literal must be enclosed in '[' and ']' according to RFC 2732.", host));`
`1220`	`1220`	`} else if (colonCount == 1) {`
`1221`		`- validatePort(host, host.substring(host.indexOf(":") + 1));`
	`1221`	`+ validatePort(host.substring(host.indexOf(":") + 1));`
`1222`	`1222`	`}`
`1223`	`1223`	`}`
`1224`	`1224`	`hosts.add(host);`
`@@ -1227,19 +1227,17 @@ private List<String> parseHosts(final List<String> rawHosts) {`
`1227`	`1227`	`return hosts;`
`1228`	`1228`	`}`
`1229`	`1229`
`1230`		`- private void validatePort(final String host, final String port) {`
`1231`		`- boolean invalidPort = false;`
	`1230`	`+ private void validatePort(final String port) {`
`1232`	`1231`	`try {`
`1233`	`1232`	`int portInt = Integer.parseInt(port);`
`1234`	`1233`	`if (portInt <= 0 \|\| portInt > 65535) {`
`1235`		`- invalidPort = true;`
	`1234`	`+ throw new IllegalArgumentException("The connection string contains an invalid host and port. "`
	`1235`	`+ + "The port must be an integer between 0 and 65535.");`
`1236`	`1236`	`}`
`1237`	`1237`	`} catch (NumberFormatException e) {`
`1238`		`- invalidPort = true;`
`1239`		`- }`
`1240`		`- if (invalidPort) {`
`1241`		`- throw new IllegalArgumentException(format("The connection string contains an invalid host '%s'. "`
`1242`		`- + "The port '%s' is not a valid, it must be an integer between 0 and 65535", host, port));`
	`1238`	`+ throw new IllegalArgumentException("The connection string contains an invalid host and port. "`
	`1239`	`+ + "The port contains non-digit characters, it must be an integer between 0 and 65535. "`
	`1240`	`+ + "Hint: username and password must be escaped according to RFC 3986.");`
`1243`	`1241`	`}`
`1244`	`1242`	`}`
`1245`	`1243`