Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make modifiedPaths safer. #12719

Merged
merged 8 commits into from Nov 28, 2022
Merged

make modifiedPaths safer. #12719

merged 8 commits into from Nov 28, 2022

Conversation

zzztttkkk
Copy link
Contributor

Summary

helpers.common.modifiedPaths is a recursion function.

when user call db.updateOne({key: badValue}), the badValue will cause a endless recursion call. but it is impossible to check user's input. so I think we can check the recursion level , it will be helpful for debugging.

Examples

async function updateDoc(){
    const count = collectionA.countDocuments({}); // miss an `await`, will cause a endless recursion call.
    await collectionB.updateOne({key: count}, {upsert: true});
}

Uzlopak
Uzlopak reviewed Nov 23, 2022
View reviewed changes
lib/helpers/common.js Outdated
@@ -67,7 +67,19 @@ function flatten(update, path, options, schema) {
* ignore
*/

function modifiedPaths(update, path, result) {
function modifiedPaths(update, path, result, recursion=null) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this not work?

Suggested change
function modifiedPaths(update, path, result, recursion=null) {
function modifiedPaths(update, path, result, recursion={count: 0, raw: {update, path}}) {

Uzlopak
Uzlopak reviewed Nov 23, 2022
View reviewed changes
lib/helpers/common.js Outdated

recursion.count++;
if(recursion.count >= 1024){
throw new Error(`Mongoose: bad update value, ${recursion.raw.update}, ${recursion.raw.path}`);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe create a new MongooseError?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was just worried that it would cause a circular reference.

I will make a new commit tomorrow.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dont worry, I just think a new MongooseRecursionError or something like that would be nicer.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree that this should at least be a MongooseError. Not sure it is worth it to create a new recursion error.

vkarpov15
vkarpov15 requested changes Nov 23, 2022
View reviewed changes
Copy link
Collaborator

@vkarpov15 vkarpov15 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple of suggestions. Also, can you please add a test case for this?

lib/helpers/common.js Outdated

recursion.count++;
if(recursion.count >= 1024){
throw new Error(`Mongoose: bad update value, ${recursion.raw.update}, ${recursion.raw.path}`);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree that this should at least be a MongooseError. Not sure it is worth it to create a new recursion error.

lib/helpers/common.js Outdated
}

recursion.count++;
if(recursion.count >= 1024){
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is a bit brittle. Admittedly we're unlikely to have depth >= 1024 unless there's an infinite recursion. But I think a better approach would be to use a WeakSet or WeakMap to track what objects we've seen in the recursion, similar to how getIndexes() does it.

@zzztttkkk
Copy link
Contributor Author

@vkarpov15
Hi,the new commit is waiting a review.

vkarpov15
vkarpov15 requested changes Nov 25, 2022
View reviewed changes
lib/helpers/common.js Outdated
throw new MongooseError(`a circular reference in the update value, updateValue:
${util.inspect(recursion.raw.update, { showHidden: false, depth: 1 })}
updatePath: ${recursion.raw.path}
-------`);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor nitpick: this ---- is a bit messy. But I'll clean that up after merging, no need for that to be a blocker.

lib/helpers/common.js Show resolved Hide resolved
@vkarpov15 vkarpov15 merged commit 69aebcb into Automattic:master Nov 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Uzlopak Uzlopak Uzlopak left review comments

@vkarpov15 vkarpov15 vkarpov15 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@zzztttkkk @vkarpov15 @Uzlopak