[CDRIVER-2706] Use of uninitialized bson_error_t when invalidating server from "not master" error Created: 17/Jun/18  Updated: 28/Oct/23  Resolved: 21/Jun/18

Status: Closed
Project: C Driver
Component/s: libmongoc
Affects Version/s: 1.11.0
Fix Version/s: 1.11.0

Type: Bug Priority: Major - P3
Reporter: A. Jesse Jiryu Davis Assignee: Kevin Albertson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Bug in unreleased code, I noticed this from a valgrind message while testing my transactions changes:

Begin /transactions/error-labels, seed 1002976610
  (snip)
  - add unknown commit label to writeConcernError ShutdownInProgress
==26085== Conditional jump or move depends on uninitialised value(s)
==26085==    at 0x596DFD: _mongoc_server_description_set_error (mongoc-server-description.c:470)
==26085==    by 0x596F1F: mongoc_server_description_handle_ismaster (mongoc-server-description.c:519)
==26085==    by 0x5A3E78: mongoc_topology_description_handle_ismaster (mongoc-topology-description.c:1940)
==26085==    by 0x5A2D0A: mongoc_topology_description_invalidate_server (mongoc-topology-description.c:1128)
==26085==    by 0x5A0A41: mongoc_topology_invalidate_server (mongoc-topology.c:924)
==26085==    by 0x568E5E: handle_not_master_error (mongoc-cluster.c:460)
==26085==    by 0x5691C2: mongoc_cluster_run_command_monitored (mongoc-cluster.c:575)
==26085==    by 0x564ACA: _mongoc_client_command_with_stream (mongoc-client.c:1609)
==26085==    by 0x56532A: _mongoc_client_command_with_opts (mongoc-client.c:1852)
==26085==    by 0x56552A: mongoc_client_write_command_with_opts (mongoc-client.c:1913)
==26085==    by 0x598C2B: txn_finish (mongoc-client-session.c:149)
==26085==    by 0x59A101: mongoc_client_session_commit_transaction (mongoc-client-session.c:788)
==26085==    by 0x46C4E3: commit_transaction (json-test-operations.c:1269)

In handle_not_master_error we call _check_not_master_or_recovering_error. If the server reply is something like this:

{
    "ok": 1.0,
    "writeConcernError": {
        "code": 91,
        "errmsg": "Replication is being shut down"
    }
}

... then the passed-in bson_error_t is uninitialized, because there wasn't a normal server error, but handle_not_master_error nevertheless passes the error down to mongoc_topology_invalidate_server.



 Comments   
Comment by Githook User [ 21/Jun/18 ]

Author:

{'username': 'kevinAlbs', 'name': 'Kevin Albertson', 'email': 'kevin.albertson@10gen.com'}

Message: CDRIVER-2706 set error on invalidated server
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/72687f63557ad52063420e5b69e37d7da40fde60

Generated at Wed Feb 07 21:16:05 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.