[SERVER-5726] clean cursorid generation Created: 30/Apr/12  Updated: 11/Jul/16  Resolved: 17/Nov/12

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 2.3.1

Type: Improvement Priority: Major - P3
Reporter: Aaron Staple Assignee: Eliot Horowitz (Inactive)
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Participants:

 Description   

    long long ctmLast = 0; // so we don't have to do find() which is a little slow very often.
    long long ClientCursor::allocCursorId_inlock() {
        long long ctm = curTimeMillis64();
        dassert( ctm );
        long long x;
        while ( 1 ) {
            x = (((long long)rand()) << 32);
            x = x ^ ctm;
            if ( ctm != ctmLast || ClientCursor::find_inlock(x, false) == 0 )
                break;
        }
        ctmLast = ctm;
        return x;
    }

1) Reserved values should be excluded. Currently I believe it is possible for this function to return 0 (used to indicate 'no cursor' in network messages). We should also verify that -1 (another sentinel value indicating 'invalid' internal to mongod) cannot be generated even if the system time is set incorrectly.
2) If a ClientCursor is created and destroyed in the same millisecond (could occur with a server-side yield), its cursorid could potentially be reused quickly.
3) The id of a long-lived cursor (~50 days) could potentially be reused while the cursor is still in use.

Many of the above are low probability events.



 Comments   
Comment by Daniel Pasette (Inactive) [ 17/Nov/12 ]

git commit: 330d394f6f050b664712c6354aec1e2a5e10a710
msg: use SecureRandom to seed PseudoRandom for cursor id generation

Comment by auto [ 05/May/12 ]

Author: Aaron (astaple) <aaron@10gen.com>

Message: SERVER-5726 Mark relevant code.
Branch: master
https://github.com/mongodb/mongo/commit/a1d10192150fe646ffde4db8041395c372b624cb

Comment by Andy Schwerin [ 02/May/12 ]

Note this is an unsafe use of rand() on Linux. rand() is not thread safe.
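
An added C++ example (not part of this ticket and not MongoDB's code) of an allocator that covers the three points in the description and the rand() thread-safety note: it rejects 0 and -1, checks the live-cursor set on every allocation rather than only when the millisecond repeats, and keeps generator state under a mutex. `CursorIdAllocator`, its methods and the injectable `Source` are hypothetical names, and seeding from `std::random_device` is an assumption standing in for a secure seed source.

```cpp
#include <cstdint>
#include <functional>
#include <mutex>
#include <random>
#include <unordered_set>
#include <utility>

// Hypothetical allocator for illustration; not ClientCursor::allocCursorId_inlock().
class CursorIdAllocator {
public:
    using Source = std::function<std::uint64_t()>;

    // Default source: a per-allocator 64-bit PRNG seeded from std::random_device
    // (assumption: random_device is backed by the OS entropy source).
    CursorIdAllocator() : _source(seededSource()) {}
    // Injectable source so reserved values and collisions can be forced in tests.
    explicit CursorIdAllocator(Source s) : _source(std::move(s)) {}

    // Returns an id that is never 0 ("no cursor"), never -1 ("invalid"),
    // and never equal to an id that is still registered as live.
    std::int64_t alloc() {
        std::lock_guard<std::mutex> lk(_mutex);  // no unlocked shared PRNG state
        for (;;) {
            std::int64_t id = static_cast<std::int64_t>(_source());
            if (id == 0 || id == -1) continue;       // reserved sentinels
            if (_live.insert(id).second) return id;  // checked on every call
        }
    }

    // Called when the cursor is destroyed; until then its id cannot be handed out.
    void release(std::int64_t id) {
        std::lock_guard<std::mutex> lk(_mutex);
        _live.erase(id);
    }
    bool isLive(std::int64_t id) {
        std::lock_guard<std::mutex> lk(_mutex);
        return _live.count(id) != 0;
    }

private:
    static Source seededSource() {
        std::random_device rd;
        std::seed_seq seed{rd(), rd(), rd(), rd()};
        std::mt19937_64 gen(seed);
        return [gen]() mutable { return gen(); };
    }
    std::mutex _mutex;
    Source _source;
    std::unordered_set<std::int64_t> _live;
};
```

Because the id no longer mixes in the wall clock, an incorrectly set system time has no effect on which values can be produced.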
