Merge pull request #756

Author: jmikola

collection.c

@@ -74,11 +74,13 @@ void php_mongo_collection_construct(zval *this, zval *parent, char *name_str, in
 	char *ns;
 
 	/* check for empty and invalid collection names */
-	if (
-		name_len == 0 ||
-		memchr(name_str, '\0', name_len) != 0
-	) {
-		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "MongoDB::__construct(): invalid name %s", name_str);
+	if (name_len == 0) {
+		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "Collection name cannot be empty");
+		return;
+	}
+
+	if (memchr(name_str, '\0', name_len) != 0) {
+		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "Collection name cannot contain null bytes: %s\\0...", name_str);
 		return;
 	}
 

db.c

@@ -112,18 +112,24 @@ static int php_mongo_command_supports_rp(zval *cmd)
 
 int php_mongo_db_is_valid_dbname(char *dbname, int dbname_len TSRMLS_DC)
 {
+	if (dbname_len == 0) {
+		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "Database name cannot be empty");
+		return 0;
+	}
+
 	if (memchr(dbname, '\0', dbname_len) != NULL) {
-		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "MongoDB::__construct(): '\\0' not allowed in database names: %s\\0...", dbname);
+		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "Database name cannot contain null bytes: %s\\0...", dbname);
+		return 0;
 	}
 
 	if (
-		dbname_len == 0 ||
 		memchr(dbname, ' ', dbname_len) != 0 || memchr(dbname, '.', dbname_len) != 0 || memchr(dbname, '\\', dbname_len) != 0 ||
 		memchr(dbname, '/', dbname_len) != 0 || memchr(dbname, '$', dbname_len) != 0
 	) {
-		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "MongoDB::__construct(): invalid name %s", dbname);
+		zend_throw_exception_ex(mongo_ce_Exception, 2 TSRMLS_CC, "Database name contains invalid characters: %s", dbname);
 		return 0;
 	}
+
 	return 1;
 }
 

tests/generic/database-valid-name.phpt

@@ -16,7 +16,7 @@ foreach ($names as $name) {
 }
 ?>
 --EXPECT--
-\: MongoDB::__construct(): invalid name \
-$: MongoDB::__construct(): invalid name $
-/: MongoDB::__construct(): invalid name /
-foo.bar: MongoDB::__construct(): invalid name foo.bar
+\: Database name contains invalid characters: \
+$: Database name contains invalid characters: $
+/: Database name contains invalid characters: /
+foo.bar: Database name contains invalid characters: foo.bar

tests/generic/mongoclient-selectcollection-001.phpt

@@ -0,0 +1,19 @@
+--TEST--
+Mongo::selectCollection()
+--SKIPIF--
+<?php require_once "tests/utils/standalone.inc"; ?>
+--FILE--
+<?php
+require_once "tests/utils/server.inc";
+
+$host = MongoShellServer::getStandaloneInfo();
+$mc = new MongoClient($host);
+
+$collection = $mc->selectCollection('db', 'collection');
+
+echo get_class($collection), "\n";
+echo (string) $collection, "\n";
+?>
+--EXPECT--
+MongoCollection
+db.collection

tests/generic/mongoclient-selectcollection_error-001.phpt

@@ -0,0 +1,76 @@
+--TEST--
+MongoClient::selectCollection() with invalid database name
+--SKIPIF--
+<?php require_once "tests/utils/standalone.inc" ?>
+--FILE--
+<?php
+require_once "tests/utils/server.inc";
+
+$host = MongoShellServer::getStandaloneInfo();
+$mc = new MongoClient($host);
+
+echo "Testing missing database name parameter\n";
+
+$mc->selectCollection();
+
+echo "\nTesting database name with invalid types\n";
+
+$mc->selectCollection(array(), 'collection');
+$mc->selectCollection(new stdClass, 'collection');
+
+echo "\nTesting empty database name\n";
+
+try {
+    $mc->selectCollection('', 'collection');
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+echo "\nTesting database name with null bytes\n";
+
+try {
+    $mc->selectCollection("foo\0bar", 'collection');
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+echo "\nTesting database name with invalid characters\n";
+
+try {
+    $mc->selectCollection("foo.bar", 'collection');
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+?>
+--EXPECTF--
+Testing missing database name parameter
+
+Warning: MongoClient::selectCollection() expects exactly 2 parameters, 0 given in %s on line %d
+
+Testing database name with invalid types
+
+Warning: MongoClient::selectCollection() expects parameter 1 to be string, array given in %s on line %d
+
+Warning: MongoClient::selectCollection() expects parameter 1 to be string, object given in %s on line %d
+
+Testing empty database name
+exception class: MongoException
+exception message: Database name cannot be empty
+exception code: 2
+
+Testing database name with null bytes
+exception class: MongoException
+exception message: Database name cannot contain null bytes: foo\0...
+exception code: 2
+
+Testing database name with invalid characters
+exception class: MongoException
+exception message: Database name contains invalid characters: foo.bar
+exception code: 2

tests/generic/mongoclient-selectcollection_error-002.phpt

@@ -0,0 +1,61 @@
+--TEST--
+MongoClient::selectCollection() with invalid collection name
+--SKIPIF--
+<?php require_once "tests/utils/standalone.inc" ?>
+--FILE--
+<?php
+require_once "tests/utils/server.inc";
+
+$host = MongoShellServer::getStandaloneInfo();
+$mc = new MongoClient($host);
+
+echo "Testing missing collection name parameter\n";
+
+$mc->selectCollection('db');
+
+echo "\nTesting collection name with invalid types\n";
+
+$mc->selectCollection('db', array());
+$mc->selectCollection('db', new stdClass);
+
+echo "\nTesting empty collection name\n";
+
+try {
+    $mc->selectCollection('db', '');
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+echo "\nTesting collection name with null bytes\n";
+
+try {
+    $mc->selectCollection('db', "foo\0bar");
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+?>
+--EXPECTF--
+Testing missing collection name parameter
+
+Warning: MongoClient::selectCollection() expects exactly 2 parameters, 1 given in %s on line %d
+
+Testing collection name with invalid types
+
+Warning: MongoClient::selectCollection() expects parameter 2 to be string, array given in %s on line %d
+
+Warning: MongoClient::selectCollection() expects parameter 2 to be string, object given in %s on line %d
+
+Testing empty collection name
+exception class: MongoException
+exception message: Collection name cannot be empty
+exception code: 2
+
+Testing collection name with null bytes
+exception class: MongoException
+exception message: Collection name cannot contain null bytes: foo\0...
+exception code: 2

tests/generic/mongoclient-selectcollection_error.phpt

@@ -0,0 +1,19 @@
+--TEST--
+Mongo::selectDB()
+--SKIPIF--
+<?php require_once "tests/utils/standalone.inc"; ?>
+--FILE--
+<?php
+require_once "tests/utils/server.inc";
+
+$host = MongoShellServer::getStandaloneInfo();
+$mc = new MongoClient($host);
+
+$db = $mc->selectDB('db');
+
+echo get_class($db), "\n";
+echo (string) $db, "\n";
+?>
+--EXPECT--
+MongoDB
+db

tests/generic/mongoclient-selectdb-001.phpt

@@ -0,0 +1,76 @@
+--TEST--
+MongoClient::selectDB() with invalid database name
+--SKIPIF--
+<?php require_once "tests/utils/standalone.inc" ?>
+--FILE--
+<?php
+require_once "tests/utils/server.inc";
+
+$host = MongoShellServer::getStandaloneInfo();
+$mc = new MongoClient($host);
+
+echo "Testing missing database name parameter\n";
+
+$mc->selectDB();
+
+echo "\nTesting database name with invalid types\n";
+
+$mc->selectDB(array());
+$mc->selectDB(new stdClass);
+
+echo "\nTesting empty database name\n";
+
+try {
+    $mc->selectDB('');
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+echo "\nTesting database name with null bytes\n";
+
+try {
+    $mc->selectDB("foo\0bar");
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+echo "\nTesting database name with invalid characters\n";
+
+try {
+    $mc->selectDB("foo.bar");
+} catch (Exception $e) {
+    printf("exception class: %s\n", get_class($e));
+    printf("exception message: %s\n", $e->getMessage());
+    printf("exception code: %d\n", $e->getCode());
+}
+
+?>
+--EXPECTF--
+Testing missing database name parameter
+
+Warning: MongoClient::selectDB() expects exactly 1 parameter, 0 given in %s on line %d
+
+Testing database name with invalid types
+
+Warning: MongoClient::selectDB() expects parameter 1 to be string, array given in %s on line %d
+
+Warning: MongoClient::selectDB() expects parameter 1 to be string, object given in %s on line %d
+
+Testing empty database name
+exception class: MongoException
+exception message: Database name cannot be empty
+exception code: 2
+
+Testing database name with null bytes
+exception class: MongoException
+exception message: Database name cannot contain null bytes: foo\0...
+exception code: 2
+
+Testing database name with invalid characters
+exception class: MongoException
+exception message: Database name contains invalid characters: foo.bar
+exception code: 2