[CDRIVER-2214] Throw errors in collection functions that write/read when a write/read concern is specified and maxWireVersion < 5 Created: 18/Jul/17  Updated: 28/Oct/23  Resolved: 09/Jan/18

Status: Closed
Project: C Driver
Component/s: libmongoc
Affects Version/s: None
Fix Version/s: 1.10.0

Type: Improvement Priority: Minor - P4
Reporter: Patrick Freed Assignee: A. Jesse Jiryu Davis
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Gantt Dependency
has to be done before CXX-1349 Implement manual read/write concern t... Closed
Related
related to PHPC-1350 Advise users not to use executeWriteC... Closed
Backwards Compatibility: Minor Change

 Description   

From the read/write concern spec:

Command helper methods for commands that write, other than those discussed above, MAY accept a write concern or write concern options in their parameter list. If the helper accepts a write concern, the driver MUST error if the selected server's MaxWireVersion < 5 and a write concern has explicitly been specified.

Helper methods that apply the write concern inherited from the Collection or Database, SHOULD check whether the selected server's MaxWireVersion >= 5 and if so, include the inherited write concern in the command on the wire. If the selected server's MaxWireVersion < 5, these methods SHOULD silently omit the write concern from the command on the wire.

The specific sentence the C Driver violates is: "If the helper accepts a write concern, the driver MUST error if the selected server's MaxWireVersion < 5 and a write concern has explicitly been specified."

Most of the commands implement the second paragraph from the spec, but do not error out if one passes the write concern in via the options document. (e.g. collection_aggregate_with_opts). These commands should be changed so that if a writeConcern is passed in and maxWireVersion < 5, the driver will throw an error.

Full list of these helper commands:

  • aggregate with $out
  • copydb
  • create
  • createIndexes
  • drop
  • dropDatabase
  • dropIndexes
  • mapReduce with $out
  • clone
  • cloneCollection
  • cloneCollectionAsCapped
  • collMod
  • convertToCapped
  • renameCollection

Likewise for readConcern, the spec says:

Only the server’s default ReadConcern is support by MaxWireVersion < 4. When using other readConcernLevels with clients reporting MaxWireVersion < 4, the driver MUST raise an error.

The driver implements this properly for aggregate_with_opts, but only silently fails with count, and does not seem to check at all for collection_find_with_opts.



 Comments   
Comment by Githook User [ 11/Jan/18 ]

Author:

{'email': 'jesse@mongodb.com', 'name': 'A. Jesse Jiryu Davis', 'username': 'ajdavis'}

Message: CDRIVER-2214 invalid free if aggregate fails

If aggregate is called with readConcern and the server is too old to
support it, aggregate returns early. Make sure the reply BSON is always
initialized, even with an early return.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/2dc5e4ab7ddb7e0b93eab09fc8d4adf98a983856

Comment by Githook User [ 10/Jan/18 ]

Author:

{'email': 'jesse@mongodb.com', 'name': 'A. Jesse Jiryu Davis', 'username': 'ajdavis'}

Message: CDRIVER-2214 leak in read concern test
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/44eb0983f78f24a4770c8b8c3cf83094050d4c6b

Comment by Githook User [ 09/Jan/18 ]

Author:

{'email': 'jesse@mongodb.com', 'name': 'A. Jesse Jiryu Davis', 'username': 'ajdavis'}

Message: CDRIVER-2214 prohibit read/writeConcern w/ old server

Commands that write now conform to the drivers spec: it is an error to
supply an explicit write concern if MongoDB is too old to support it.

Commands that read now conform to the spec as well: it is an error to
supply an explicit read concern or to inherit a read concern from the
client, database, or collection, if MongoDB is too old to support read
concern.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/5c88fde8bbf941a115b7de89b95f380ac636b318

Comment by A. Jesse Jiryu Davis [ 08/Jan/18 ]

I'll start with enforcing the writeConcern wire version check.

  • aggregate with $out - done
  • copydb - no helper, users should use mongoc_client_write_command_with_opts, which I've fixed and tested
  • create - no helper
  • createIndexes - deprecated helper which doesn't accept write concern, users are instructed to use mongoc_client/db/collection_write_command_with_opts
  • drop - mongoc_collection_drop_with_opts uses _mongoc_client_command_with_opts, fixed and tested
  • dropDatabase - mongoc_database_drop_with_opts uses _mongoc_client_command_with_opts, no additional test
  • dropIndexes - mongoc_collection_drop_index_with_opts uses _mongoc_client_command_with_opts, no additional test
  • mapReduce with $out - no helper
  • clone - no helper
  • cloneCollection - no helper
  • cloneCollectionAsCapped - no helper
  • collMod - no helper
  • convertToCapped - no helper
  • renameCollection - mongoc_collection_rename_with_opts uses _mongoc_client_command_with_opts, no additional test
Comment by A. Jesse Jiryu Davis [ 18/Jul/17 ]

Thanks for the report!

Generated at Wed Feb 07 21:14:32 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.