Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix bugs in RateLimiterController #461

Merged
merged 3 commits into from
Jan 28, 2019
Merged

Fix bugs in RateLimiterController #461

merged 3 commits into from
Jan 28, 2019

Conversation

mjaow
Copy link
Contributor

@mjaow mjaow commented Jan 26, 2019
edited
Loading

Describe what this PR does / why we need it

Fix bugs when count is zero

when count is zero,the costTime value will be max of long.After some retries of canPass,the waitTime will overflow and permit any request (as it will return true)

Does this pull request fix one issue?

Fixes #462

Describe how you did it

precheck and return when acquire count or count is less or equal than zero

Describe how to verify it

Test case in RateLimiterControllerTest.testPaceController_zeroattack

Special notes for reviews

The bug will lead to attack and make limiter useless

@mjaow mjaow changed the title fix ratelimit bugs fix bugs in RateLimiterController Jan 26, 2019
@mjaow mjaow changed the title fix bugs in RateLimiterController Fix bugs in RateLimiterController Jan 26, 2019
@codecov-io
Copy link

codecov-io commented Jan 26, 2019
edited
Loading

Codecov Report

Merging #461 into master will increase coverage by <.01%.
The diff coverage is 100%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master     #461      +/-   ##
============================================
+ Coverage     37.62%   37.62%   +<.01%     
- Complexity      982      983       +1     
============================================
  Files           235      235              
  Lines          7429     7433       +4     
  Branches       1017     1018       +1     
============================================
+ Hits           2795     2797       +2     
- Misses         4273     4274       +1     
- Partials        361      362       +1
Impacted Files Coverage Δ Complexity Δ
...s/block/flow/controller/RateLimiterController.java 79.31% <100%> (+3.31%) 7 <5> (+2) ⬆️
...a/csp/sentinel/slots/statistic/base/LeapArray.java 62.02% <0%> (-2.54%) 22% <0%> (-1%)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 223ad25...b80fda1. Read the comment docs.

@sczyh30 sczyh30 added the to-review To review label Jan 26, 2019
@sczyh30
Copy link
Member

sczyh30 commented Jan 28, 2019
edited
Loading

Hi, thanks for contributing. The zero-count problem is a bug (thanks for fixing that).

As for RateLimiterController, it is designed as a not strictly thread-safe implementation for performance (as well as in other traffic controllers). In Sentinel we need to consider both correctness and performance.

@mjaow
Copy link
Contributor Author

mjaow commented Jan 28, 2019

ok,i'll keep the bugfix part and delete the commit which fix concurrent issue and reference annother issue to discuss it

@mjaow mjaow force-pushed the bugfix/fix-zerocount-ratelimitercontroller branch from 90e9f41 to 3e479f9 Compare January 28, 2019 05:16
sczyh30
sczyh30 approved these changes Jan 28, 2019
View reviewed changes
Copy link
Member

@sczyh30 sczyh30 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sczyh30 sczyh30 merged commit 2cf6e29 into alibaba:master Jan 28, 2019
@sczyh30
Copy link
Member

sczyh30 commented Jan 28, 2019

Thanks for contributing!

@sczyh30 sczyh30 removed the to-review To review label Jan 28, 2019
@mjaow mjaow deleted the bugfix/fix-zerocount-ratelimitercontroller branch January 28, 2019 06:34
@sentinel-bot sentinel-bot mentioned this pull request Feb 1, 2019
Closed
@pouchrobot pouchrobot mentioned this pull request Feb 1, 2019
Closed
CST11021 pushed a commit to CST11021/Sentinel that referenced this pull request Nov 3, 2021
@duhengforever
Purge filterserv related code in client
2961a30 
[ISSUE alibaba#461]Purge filterserv related code in client
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sczyh30 sczyh30 sczyh30 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] Divide-by-zero overflow in rate limiter traffic controller
3 participants
@mjaow @codecov-io @sczyh30