CDRIVER-5550 fix crash if password is NULL

[melisha-git]

If I have a custom connection string without password - 'mongodb://[email protected]:27030/admin', then mongo cursor crashes

[melisha-git]

I don’t know what to do next and should the tests be run before the review?

[melisha-git]

how i can restart first and second piplines? This is random? Fix is very small

[kevinAlbs]

Thank you for the contribution. This appears to fix the crash, but results in no error if auth fails with an empty password. Example:

bson_error_t error = {0};
mongoc_client_t *client = mongoc_client_new ("mongodb://foobar@localhost:27017/admin");
mongoc_client_command_simple (
    client, "admin", tmp_bson ("{'ping': 1}"), NULL /* read prefs */, NULL /* reply */, &error);
if (error.code == 0) {
    fprintf (stderr, "Expected error to be set, but was not.\n");
    abort ();
}
mongoc_client_destroy (client);

#1586 is a suggested alternative fix and includes a regression test. If you would like to verify that change fixes the issue, that would be appreciated.

---

Aside: I was unable to successfully auth with a user with an empty password. I am not sure if it is expected to succeed. Local tests suggest servers do not support creating users with empty passwords:

$ mongosh --eval 'print("Server version: " + db.version()); db.createUser({"user":"foobar", "pwd":"", "roles": ["readWrite"]})' --quiet --username user --password password
Server version: 4.0.27
MongoServerError: User passwords must not be empty

Is authenticating with an empty password expected to succeed for your use case? If "yes", what server version are you running? How was the user created? Are you able to auth in another driver or mongosh? (I think the crash should be fixed regardless, but if an empty password is not expected to succeed, the driver could instead return error for an empty password).

---

how i can restart first and second piplines? This is random? Fix is very small

External contributors are unable to start CI (Evergreen). The test failures are unrelated to the changes in this PR.

[melisha-git]

I'm expecting an error for an empty password

[melisha-git]

but the driver crashes

[melisha-git]

#1586 is a suggested alternative fix and includes a regression test. If you would like to verify that change fixes the issue, that would be appreciated.

Yes, i test it tomorrow

[kevinAlbs]

I'm expecting an error for an empty password

Got it. In that case, I am closing this PR in favor of #1586 to ensure an error is returned authentication failure.

Thank you for reporting this issue!