  1. Core Server
  2. SERVER-74238

IDL Compiler Can Generate Use-After-Move When Generating Struct Initializer Lists

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 7.1.0-rc0
    • Affects Version/s: None
    • Component/s: None
    • None
    • Service Arch
    • Fully Compatible
    • ALL
    • Service Arch 2023-08-07

      Commands with namespace-string or namespace-string-or-UUID arguments can be described in IDL. The IDL compiler will then generate C++ code for these commands (a special type of IDL-struct) that allows them to be parsed and serialized from BSON, as well as constructed. The constructors generated for these sorts of commands accept NamespaceString or NamespaceStringOrUUID arguments, respectively, which are used to initialize the appropriate members of the type. As of SERVER-69388, these arguments are used to initialize not only the NamespaceString{OrUUID} members of the type, but also other members like dbName.

      The problem is that the relevant code in the IDL compiler (https://github.com/mongodb/mongo/blob/8fe8ae436514e4e490e8571219b71339333f3ceb/buildscripts/idl/idl/generator.py#L1609-L1652), which generates the initializer lists used in the above constructors, uses move-semantics to move the constructor args (NamespaceString{OrUUID}) into the appropriate members, which means they are unsafe to use later in the initializer list. But they are used later in the initializer list to initialize other members of the type, like dbName.

      To fix this we'll need to be smarter about how the argument is used in the initializer list, either by not moving it or by using the equivalent member instead of the argument to construct later members.
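
An added illustration of the pattern described above, not code from the ticket or from the MongoDB code base. `Ns` is a hypothetical stand-in for NamespaceString whose move constructor empties the source so the moved-from state is deterministic; the struct, member and function names are assumptions.

```cpp
#include <iostream>
#include <string>
#include <utility>

// Hypothetical stand-in for NamespaceString holding "db.coll". The move
// constructor clears the source so the moved-from state is deterministic.
struct Ns {
    std::string full;
    explicit Ns(std::string s) : full(std::move(s)) {}
    Ns(const Ns&) = default;
    Ns(Ns&& other) noexcept : full(std::move(other.full)) { other.full.clear(); }
    std::string dbName() const { return full.substr(0, full.find('.')); }
};

// Shape of the problematic initializer list: the argument is moved into the
// first member, then read again to build a later member.
struct CmdBuggy {
    Ns _nss;
    std::string _dbName;
    explicit CmdBuggy(Ns nss)
        : _nss(std::move(nss)), _dbName(nss.dbName()) {}  // use-after-move
};

// First fix named in the ticket: do not move the argument.
struct CmdCopy {
    Ns _nss;
    std::string _dbName;
    explicit CmdCopy(Ns nss) : _nss(nss), _dbName(nss.dbName()) {}
};

// Second fix: keep the move and build later members from the member itself.
// Relies on _nss being declared before _dbName, since members are
// initialized in declaration order, not initializer-list order.
struct CmdFromMember {
    Ns _nss;
    std::string _dbName;
    explicit CmdFromMember(Ns nss)
        : _nss(std::move(nss)), _dbName(_nss.dbName()) {}
};

std::string buggyDb() { return CmdBuggy(Ns("test.coll"))._dbName; }
std::string copyDb() { return CmdCopy(Ns("test.coll"))._dbName; }
std::string memberDb() { return CmdFromMember(Ns("test.coll"))._dbName; }

int main() {
    std::cout << "buggy='" << buggyDb() << "' copy='" << copyDb()
              << "' from-member='" << memberDb() << "'\n";
}
```

With a real type the moved-from value is unspecified rather than reliably empty, so the buggy form can appear to work in some builds; clang-tidy's `bugprone-use-after-move` check flags this pattern statically.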

            Assignee:
            george.wangensteen@mongodb.com George Wangensteen
            Reporter:
            george.wangensteen@mongodb.com George Wangensteen
            Votes:
            0
            Watchers:
            4
