  1. Core Server
  2. SERVER-28570

Analysis of 'MongoDB' source code by PVS-Studio

    • Type: Bug
    • Resolution: Duplicate
    • Priority: Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Internal Code
    • Labels: None

      Hello,
      To demonstrate the abilities of PVS-Studio analyzer, we decided to find several bugs.

      Status verifySystemIndexes(OperationContext* opCtx) {
        ....
        IndexCatalog* indexCatalog = collection->getIndexCatalog();
        std::vector<IndexDescriptor*> indexes;
        indexCatalog->findIndexesByKeyPattern(opCtx,                    // <=
                                              v1SystemUsersKeyPattern, 
                                              false, 
                                              &indexes);
        if (indexCatalog && !indexes.empty()) {                         // <=
          ....
        }
        ....
      }
      

      A link to the source code on GitHub

      PVS-Studio warning: V595 The 'indexCatalog' pointer was utilized before it was verified against nullptr. Check lines: 100, 102. auth_index_d.cpp 100

      In the conditional expression of the if statement there is a check that the pointer indexCatalog is non-null. But earlier in the code we see a call of the method findIndexesByKeyPattern via the pointer indexCatalog. Thus, if indexCatalog is a null pointer, then on line 100 we'll have a null pointer dereference before the necessary check. If the pointer indexCatalog can never be null, then the statement indexCatalog && !indexes.empty() is redundant.

      string IndexBoundsBuilder::simpleRegex(....) {
        ....
        if (c == 'Q') {
          ....
        } else if ((c >= 'A' && c <= 'Z') || 
                   (c >= 'a' && c <= 'z') || 
                   (c >= '0' && c <= '0') ||          // <=
                   (c == '\0')) {
          ....
        }
        ....
      }
      

      A link to the source code on GitHub

      PVS-Studio warning: V590 Consider inspecting the 'c >= '0' && c <= '0'' expression. The expression is excessive or contains a misprint. index_bounds_builder.cpp 145

      Most likely, the subexpression c >= '0' && c <= '0' has an error: there is no range check of the symbol (this subexpression will be true only in case c == '0'). Judging by the other subexpressions, it should supposedly be as follows: c >= '0' && c <= '9'.

      void* MemoryMappedFile::map(....) {
        ....
        size_t len = strlen(filename);
        for (size_t i = len - 1; i >= 0; i--) {            // <=
          if (filename[i] == '/' || filename[i] == '\\')
            break;
      
          if (filename[i] == ':')
            filename[i] = '_';
        }
        ....
      }
      

      A link to the source code on GitHub

      PVS-Studio warning: V547 Expression 'i >= 0' is always true. Unsigned type value is always >= 0. mmap_windows.cpp 197

      The conditional statement of the loop (i >= 0) should always be true, as the loop counter (i) is of unsigned type (size_t).

      PVS-Studio is a tool for bug detection in the source code of programs written in C, C++ and C#. It works in Windows and Linux environments. https://www.viva64.com/en/pvs-studio/
      We suggest having a look at the emails sent from @viva64.com.

      Best regards,
      Sergey Vasiliev
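
The V547 finding above concerns a right-to-left scan with a size_t counter. The following is an added example, not part of the original report and not MongoDB's code: one way to write that scan so it terminates at index 0 and handles an empty string. The function names and sample paths are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <limits>
#include <string>

// With an unsigned counter, "len - 1" for an empty string is the largest
// size_t value, and "i >= 0" can never end the loop.
static_assert(static_cast<std::size_t>(0) - 1 ==
                  std::numeric_limits<std::size_t>::max(),
              "unsigned subtraction wraps instead of going negative");

// Hypothetical helper (name is an assumption): replaces ':' with '_' in the
// last path component, scanning right to left like the reported loop.
// The counter starts at len and is decremented inside the condition, so the
// body only sees indices len-1 .. 0 and an empty string runs zero iterations.
std::size_t replaceColonsInLeaf(char* filename) {
    std::size_t replaced = 0;
    const std::size_t len = std::strlen(filename);
    for (std::size_t i = len; i-- > 0;) {
        if (filename[i] == '/' || filename[i] == '\\')
            break;  // stop at the directory separator
        if (filename[i] == ':') {
            filename[i] = '_';
            ++replaced;
        }
    }
    return replaced;
}

// Convenience wrapper for std::string input.
std::string sanitizedCopy(std::string name) {
    replaceColonsInLeaf(&name[0]);  // &name[0] is NUL-terminated since C++11
    return name;
}

int main() {
    // Constructed sample inputs, not taken from the MongoDB code base.
    const char* samples[] = {"C:\\data\\db:1.ns", "a:b:c", ""};
    for (const char* s : samples)
        std::printf("'%s' -> '%s'\n", s, sanitizedCopy(s).c_str());
    return 0;
}
```

The "a:b:c" and empty-string inputs are the cases where the reported loop has no separator to break on, so its counter would wrap past index 0.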

            Assignee:
            kelsey.schubert@mongodb.com Kelsey Schubert
            Reporter:
            Night walker Sergey [X]
            Votes:
            0
            Watchers:
            12
