CDRIVER-4781 Avoid intermediate uint32_t for socketTimeoutMS by eramongodb · Pull Request #1475 · mongodb/mongo-c-driver

eramongodb · 2023-11-13T17:27:12Z

Resolves CDRIVER-4781. Verified by this patch.

#1229 introduced range representability checks for conversion from int64_t -> int32_t timeout parameters in internal read/write utility functions, where due to historical reasons, int64_t timeout parameters for several read/write operations are forwarded to underlying int32_t timeout parameters (narrowing conversion). The new range checks are (correctly but unexpectedly) triggered by mongoc_cluster_t::sockettimeoutms when the URI option is set to -1, which has also been (implicitly) supported for historical reasons. The negative value was being implicitly converted to a large unsigned value before being passed as an int64_t, before being converted back to -1 when cast back to int32_t:

-1         (int32_t: MONGOC_URI_SOCKETTIMEOUTMS)
4294967295 (uint32_t: mongoc_cluster_t::sockettimeoutms)
4294967295 (int64_t: _mongoc_stream_writev_full())
  >int32_t range check failure< (the breaking change)
-1         (int32_t: mongoc_stream_writev(), impl-defined narrowing signed conversion)

This PR restores support for negative values for the socketTimeoutMS URI option for backward compatibility by replacing the intermediate uint32_t data members of mongoc_cluster_t with int32_t for better consistency with how the values are both assigned and used internally. This avoids the implicit conversion into a large unsigned value that triggers the range check before conversion back to an int32_t. This change also addresses 5 GCC and 5 Clang warnings for implicit sign conversion. Other instances of internal representation of timeout values (that aren't ignored, i.e. gridfs functions) do not seem to be affected: there are no other instances of intermediately-representing the timeout as an unsigned integer.

A regression test is added that ensures the range check is not triggered by a negative socketTimeoutMS URI value. This regression test + git bisect verified that the breaking change was triggered by abb0bb7 (#1229).

As a drive-by fix, this PR also fixes the incorrect format specifier for error messages concerning timeout_ms (PRId64 for int64_t).

Additionally, an attempt is made to document the unspecified/inconsistent behavior of non-positive timeout values for the URI option documentation and for functions that have a timeout parameter (i.e. mongoc_stream_*()). Scanning through how the timeout values are both represented and interpreted within libmongoc, it does not seem desirable to continue to support non-positive URI timeout values (even 0) despite historical (implicit) support.

…te uint32_t

src/libmongoc/doc/mongoc_uri_t.rst

kevinAlbs

LGTM with minor suggestions.

src/libmongoc/doc/mongoc_uri_t.rst

* Fix format specifier in timeout range validation error messages * CDRIVER-4781 Avoid overflow of -1 sockettimeout in cast to intermediate uint32_t * Add regression test for negative sockettimeoutms validation * Update documentation with warnings for non-positive timeout values * Update timeout variables for type consistency * Add regression test for unspecified default timeout in writev functions

eramongodb added 5 commits November 13, 2023 10:15

Fix format specifier in timeout_ms validation errors

7228caa

CDRIVER-4781 Avoid overflow of -1 sockettimeout in cast to intermedia…

928ba16

…te uint32_t

Add regression test for negative sockettimeoutms validation

4446f48

Update documentation with warnings for non-positive timeout values

3dbd9ee

Update timeout variables for type consistency

f4b9fa5

eramongodb requested a review from kevinAlbs November 13, 2023 17:27

eramongodb self-assigned this Nov 13, 2023

eramongodb commented Nov 13, 2023

View reviewed changes

src/libmongoc/doc/mongoc_uri_t.rst Show resolved Hide resolved

src/libmongoc/doc/mongoc_uri_t.rst Show resolved Hide resolved

kevinAlbs approved these changes Nov 13, 2023

View reviewed changes

src/libmongoc/doc/mongoc_uri_t.rst Show resolved Hide resolved

src/libmongoc/doc/mongoc_uri_t.rst Show resolved Hide resolved

eramongodb added 5 commits November 13, 2023 15:01

Remove misleading/obsolete documentation for timeout value of 0

f32a56e

Add regression test for unspecified default timeout in writev functions

1b6af06

Add ticket reference to negative timeout handler

bac47ee

Rename test entities for consistency

7fa148c

Also update error messages with new names

119fc2f

eramongodb merged commit 42ff072 into mongodb:master Nov 13, 2023

eramongodb deleted the cdriver-4781 branch November 13, 2023 21:42

kevinAlbs mentioned this pull request Nov 15, 2023

CDRIVER-4781 add void* cast in test #1476

Merged

eramongodb mentioned this pull request Dec 18, 2025

CDRIVER-5815 support disabling socket timeouts #2185

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CDRIVER-4781 Avoid intermediate uint32_t for socketTimeoutMS#1475

CDRIVER-4781 Avoid intermediate uint32_t for socketTimeoutMS#1475
eramongodb merged 10 commits intomongodb:masterfrom
eramongodb:cdriver-4781

eramongodb commented Nov 13, 2023

Uh oh!

Uh oh!

Uh oh!

kevinAlbs left a comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

eramongodb commented Nov 13, 2023

Uh oh!

Uh oh!

Uh oh!

kevinAlbs left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants