[CDRIVER-4420] bson_error_t message shows garbage in some cases Created: 02/Jul/22 Updated: 27/Oct/23 Resolved: 14/Jul/22 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Unknown |
| Reporter: | Joseph Canedo | Assignee: | Ezra Chung |
| Resolution: | Works as Designed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
| Comments |
| Comment by Joseph Canedo [ 14/Jul/22 ] | |||||||||||||||||||||||||||
|
Just realizing issue I get is linked to "corner" case in C++. We have an overload operator<< which takes a const char (&)[N] which expected a string literal (hence null terminated at N - 1). bson_error_t::message is a C array hence function prints it all regardless null char just after error message. I'll change code to avoid this issue. Sorry for the spam, and thanks for having taken time to look the problem. | |||||||||||||||||||||||||||
| Comment by Joseph Canedo [ 14/Jul/22 ] | |||||||||||||||||||||||||||
|
Hi Ezra, thanks for having a look. I've just run application without no MongoDB server running and I get this error message:
1 [2022-07-13 19:54:03.996230] Thread<0x00007f9a28904340> error: Cannot get MongoDB databases list for database identifier "8ee67fa16c5e4a799fc4d3ead5e51a89". Got error me�(Vs�B�$�Z�N���(V84��(V8�(Vx�(V�(V`�(V��������`�ce` set): [connection refused calling hello on '127.0.0.1:27017']��(���(�HY�(@�(V84��(V�� | |||||||||||||||||||||||||||
| Comment by Ezra Chung [ 13/Jul/22 ] | |||||||||||||||||||||||||||
|
Hello, josephcanedo@gmail.com. I have attempted to reproduce your reported behavior using the following minimum example without success:
Output (no garbage observed):
Can you please confirm if the example above produces garbage as reported when run in your environment? bson_set_error is implemented using bson_vsnprintf, which in turn is implemented using vsnprintf. vsnprintf is equivalent to snprintf, which has the following specification: "If n is zero, nothing is written, and s may be a null pointer. Otherwise, output characters beyond the {{n-1}}st are discarded rather than being written to the array, and a null character is written at the end of the characters actually written into the array." If the error message is set with a non-zero string length (as evidenced by the presence of the "No suitable servers found" portion of the message), it should always be null-terminated immediately after the last character written to the array accordingly. Note: the str[size - 1] = '\0'; in bson-string.c and the error->message[sizeof error->message - 1] = '\0'; in bson-error.c are both redundant safeguards on top of vsnprintf that ensure a null terminator at the end of the message buffer. Further examination of the relevant source code does not suggest the presence of a (missing) null termination bug. If we rule out the possibility of a bug in the implementation of vsnprintf, my best guess is that operator<< given HX2A_LOG(error) << error.message is overloaded such that, given an argument of array type, it prints every element of the array, regardless of the presence of null terminators (that is, it behaves like a "print an array" formatter rather than a "print a null-terminated byte string" formatter). This may be verified by examining whether there is a null terminator after the ']' character in the originally reported message that is being ignored. Can you please confirm if there is a null terminator at the end of the (valid) error message (immediately following the ']') in the original output? |