[CDRIVER-2740] mongoc_gridfs_file_readv aborts when a chunk is larger than chunkSize Created: 12/Jul/18  Updated: 28/Oct/23  Resolved: 23/Jul/18

Status: Closed
Project: C Driver
Component/s: GridFS, libmongoc
Affects Version/s: 1.11.0
Fix Version/s: 1.13.0

Type: Bug Priority: Major - P3
Reporter: Ben Cheong Assignee: A. Jesse Jiryu Davis
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

To reproduce:

  1. create a normal gridfs file in server side
  2. corrupt the server side data by updating the binary data with data length larger than chunk size
    e.g. by issuing the following update script on gridfs .chunks collection

    db.getCollection("test.chunks").update( { _id: ObjectId("5b44698c5e82244456e061c3") }, { _id: ObjectId("5b44698c5e82244456e061c3"), "files_id": ObjectId("5b44698a7fe4771ab4002304"), n: NumberInt("0"), data: BinData(0, "iVBOR.....RK5CYII=") } );
    

    note: the binary data length has to be larger than the defined gridfs file chunk size

  1. in client side, issue the following call

    mongoc_gridfs_file_readv(...)
    

  2. it will cause an BSON_ASSERT (len <= chunk_size); since the len of this page is larger than the chunk_size

    mongoc_gridfs_file_page_t *
    _mongoc_gridfs_file_page_new (const uint8_t *data,
                                  uint32_t len,
                                  uint32_t chunk_size)
    {
       mongoc_gridfs_file_page_t *page;
     
       ENTRY;
     
       BSON_ASSERT (data);
       BSON_ASSERT (len <= chunk_size);
     
       page = (mongoc_gridfs_file_page_t *) bson_malloc0 (sizeof *page);
     
       page->chunk_size = chunk_size;
       page->read_buf = data;
       page->len = len;
     
       RETURN (page);
    }
    

Client side library should check for this corrupted case, instead of asserting the execution?
At the moment, there is no way to do a precaution checking without inspecting the low level raw .chunks collection

The libmongoc should be fixed, since server side data corruption should not assert client side execution.



 Comments   
Comment by Githook User [ 23/Jul/18 ]

Author:

{'username': 'ajdavis', 'name': 'A. Jesse Jiryu Davis', 'email': 'jesse@mongodb.com'}

Message: CDRIVER-2740 error, don't assert, on bad chunk

GridFS had asserted that each chunk's length was at most chunkSize.
Instead, return a new error MONGOC_ERROR_GRIDFS_CORRUPT when a bad chunk
is detected.
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/4ee48457fda8cfe66ff10817027671e27c6978fe

Comment by A. Jesse Jiryu Davis [ 12/Jul/18 ]

We should set an error, the file is "corrupt".

Comment by A. Jesse Jiryu Davis [ 12/Jul/18 ]

Agreed, thanks for the report.

Generated at Wed Feb 07 21:16:11 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.