Skip to content

CDRIVER-5878 Free child on failed call to bson_append_array_builder_begin #1849

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 4, 2025
Merged

CDRIVER-5878 Free child on failed call to bson_append_array_builder_begin #1849

merged 2 commits into from
Feb 4, 2025

Conversation

kevinAlbs
Copy link
Collaborator

Summary

Free child on failed call to bson_append_array_builder_begin.

Verified with this patch build: https://spruce.mongodb.com/version/67a124ca58a59000075fa19d

Background & Motivation

Coverity identified a possible resource leak on this block. This roughly does the following:

if (BSON_APPEND_ARRAY_BUILDER_BEGIN (bson, "servers", &array)) {
    // ...
} else {
    return false; // Leaks `array`.
}

If bson_append_array_builder_begin returns false, the child out-param is left allocated. Whereas a failure in bson_append_array_begin does not require a clean-up of the child.

For consistency with bson_append_array_begin, this PR changes bson_append_array_builder_begin to free child on failure. child is set to NULL to permit existing code to safely call bson_append_builder_destroy.

@kevinAlbs kevinAlbs changed the title Free child on failed call to bson_append_array_builder_begin CDRIVER-5878 Free child on failed call to bson_append_array_builder_begin Feb 3, 2025
@kevinAlbs kevinAlbs marked this pull request as ready for review February 3, 2025 21:36
@kevinAlbs kevinAlbs requested a review from a user February 3, 2025 21:36
ghost
ghost approved these changes Feb 3, 2025
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! It's my fault for introducing an incorrect call site.

Looking at the documentation again, I can't find any warnings about the unusual choice to leave the output allocated on failure, so it does seem likely application code makes the same mistake. I agree this fix is likely to preserve backward compatibility. (Hopefully the vagueness of the documentation was enough warning that apps shouldn't rely on the child to be non-NULL on failure.)

@kevinAlbs kevinAlbs merged commit ad6332f into mongodb:master Feb 4, 2025
40 of 43 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kevinAlbs