Open abd-770 opened 2 months ago
/assign @czs007 /unassign
@abd-770 could you help with some examples of the fix? It could be even better if you can fix that.
Sure, I will do the changes.
This is one of the lines throwing the vulnerability.
https://github.com/milvus-io/milvus/blob/ea36d13ab0b55bda1f14cb0a9c7dee255e368f19/internal/core/src/segcore/IndexConfigGenerator.cpp#L74
This can be fixed by using static_cast rather than C-style explicit casting.
return std::max(static_cast<int64_t>(max_index_row_count_ * ratio),
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Rotten issues close after 30d of inactivity. Reopen the issue with /reopen
Is there an existing issue for this?
Environment
Current Behavior
Static Scan reported Functional-notation casting vulnerability on 200+ lines.
The current implementation uses C-style casts instead of C++ style casts (static_cast, reinterpret_cast, const_cast). C-style casting is less safe and can lead to undefined behavior and reduced code readability. C++ provides specific casting operators that are safer, clearer, and convey the intent of the cast more explicitly.
Could you please clarify why C-style casts were chosen over C++ style casts in this implementation? Understanding the reasoning behind this decision will help in assessing whether we should provide the changes needed to solve this vulnerability.
Expected Behavior
No response
Steps To Reproduce
No response
Milvus Log
No response
Anything else?
No response
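The following is an added example, not Milvus code and not written by the issue author, illustrating the point raised in the Current Behavior section and in the linked IndexConfigGenerator.cpp line: why a C-style cast is weaker than static_cast, and what static_cast still does not protect against. The function names (index_rows_c_style, index_rows_static_cast, index_rows_checked, checked_to_int64), the floor_rows argument and the sample values are assumptions chosen for the demonstration, not the project's own identifiers.

```cpp
#include <algorithm>
#include <cmath>
#include <cstdint>
#include <iostream>
#include <limits>
#include <optional>
#include <stdexcept>

// Before: the shape reported by the static scan. A C-style cast lets the
// compiler pick static_cast, reinterpret_cast or const_cast, whichever makes
// the expression compile, so the intended conversion is never checked.
// (floor_rows is a hypothetical second argument to std::max; the issue's
// own line is cut off after the first argument.)
int64_t index_rows_c_style(int64_t max_index_row_count, double ratio,
                           int64_t floor_rows) {
    return std::max((int64_t)(max_index_row_count * ratio), floor_rows);
}

// After: the fix proposed in the thread. static_cast only permits value
// conversions, names the narrowing explicitly, and is easy to grep for.
// Behaviour is identical to the C-style version for in-range inputs.
int64_t index_rows_static_cast(int64_t max_index_row_count, double ratio,
                               int64_t floor_rows) {
    return std::max(static_cast<int64_t>(max_index_row_count * ratio),
                    floor_rows);
}

// Caveat for reviewers: static_cast does not remove the undefined behaviour
// of converting an out-of-range or NaN floating value to an integer. This
// helper (an assumption, not Milvus code) validates before narrowing.
std::optional<int64_t> checked_to_int64(double v) {
    if (!std::isfinite(v)) {
        return std::nullopt;  // NaN / inf: no integer value exists
    }
    // INT64_MAX (2^63-1) is not exactly representable as a double, but 2^63
    // is, so compare against that bound; -2^63 itself is representable.
    constexpr double kLimit = 9223372036854775808.0;  // 2^63
    if (v >= kLimit || v < -kLimit) {
        return std::nullopt;
    }
    return static_cast<int64_t>(v);  // in range: truncation toward zero
}

// Hardened variant: explicit conversion plus a range check, so a bad ratio
// produces a diagnosable error instead of undefined behaviour.
int64_t index_rows_checked(int64_t max_index_row_count, double ratio,
                           int64_t floor_rows) {
    auto rows = checked_to_int64(static_cast<double>(max_index_row_count) * ratio);
    if (!rows) {
        throw std::out_of_range("index row count not representable as int64_t");
    }
    return std::max(*rows, floor_rows);
}

// Why the scanner flags C-style casts at all: (int*)bytes compiles even
// though the pointee types are unrelated and const is dropped, i.e. the
// cast silently became const_cast + reinterpret_cast. The equivalent
// static_cast<int*>(bytes) is a compile error, which is the check you want.
bool c_cast_hides_reinterpret_and_const_cast() {
    const unsigned char bytes[sizeof(int)] = {};
    int* p = (int*)bytes;  // compiles; static_cast<int*>(bytes) would not
    return p != nullptr;   // pointer is only compared, never dereferenced
}

int main() {
    // Constructed sample values, not taken from the project.
    std::cout << index_rows_static_cast(1000000, 0.5, 4096) << '\n';  // 500000
    std::cout << index_rows_checked(1000, 0.5, 4096) << '\n';         // 4096
    std::cout << (checked_to_int64(1.5e19) ? "ok" : "rejected") << '\n';
    return 0;
}
```

Replacing `(int64_t)x` with `static_cast<int64_t>(x)` is the right mechanical fix for the scan finding, but the range check in index_rows_checked is what actually closes the undefined-behaviour path the issue text mentions; the two changes address different problems.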