Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix race condition in server-mode #857

Merged
merged 1 commit into from
Jul 2, 2019
Merged

Fix race condition in server-mode #857

merged 1 commit into from
Jul 2, 2019

Conversation

masahiro331
Copy link
Contributor

@masahiro331 masahiro331 commented Jul 1, 2019
edited
Loading

What did you implement:

I fixed the bug of race condition in vuls server-mode.

The server-mode runs report.NewDBClient only once the first time.
NewDBClient returns multiple DBs.

At this time, internally execute github.com/kotakanbe/go-cve-dictionary/db.NewDB which returns driver.
After this, The server-mode always execute functions such as NewOvalDB for the same driver .

This driver has the family property (e.g. d. Ovaldb).
After that, server-mode always executes functions like NewOvalDB for the same driver.
So, when a request from different OS is made asynchronously, ovaldb is rewritten.

This fix will generate a DB client for each request.

I added below log in goval-dictionary/db/redis.go.

func (d *RedisDriver) NewOvalDB(family string) error {
        fmt.Println("Call NewOvalDB")
        fmt.Printf("Pre NewOvalDB: %s\n", family)
        switch family {
        case c.CentOS:
                d.ovaldb = c.RedHat
        case c.Debian, c.Ubuntu, c.RedHat, c.Oracle,
                c.OpenSUSE, c.OpenSUSELeap, c.SUSEEnterpriseServer,
                c.SUSEEnterpriseDesktop, c.SUSEOpenstackCloud,
                c.Alpine, c.Amazon:

                d.ovaldb = family
        default:
                if strings.Contains(family, "suse") {
                        suses := []string{
                                c.OpenSUSE,
                                c.OpenSUSELeap,
                                c.SUSEEnterpriseServer,
                                c.SUSEEnterpriseDesktop,
                                c.SUSEOpenstackCloud,
                        }
                        return fmt.Errorf("Unknown SUSE. Specify from %s: %s", suses, family)
                }
                return fmt.Errorf("Unknown OS Type: %s", family)
        }
        fmt.Printf("Pro NewOvalDB: %s\n", family)
        return nil
}

Below execute log.

# First request after run the server-mode
Call NewOvalDB
Pre NewOvalDB: 
Pro NewOvalDB: redhat
・
・
・
# Second and subsequent requests after running server mode
Call NewOvalDB
Pre NewOvalDB: redhat
Pro NewOvalDB: ubuntu

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

How Has This Been Tested?

I wrote PoC.
https://github.com/masahiro331/vuls_racecondition

I checked using PoC before and after the pull request.
Using DBs: Redis, Sqlite3 and postgresql.

Checklist:

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: Yes

@kotakanbe kotakanbe merged commit 65e6070 into future-architect:master Jul 2, 2019
@kotakanbe
Copy link
Member

Many Thanks!

@masahiro331 masahiro331 mentioned this pull request Jul 9, 2019
Merged
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@masahiro331 @kotakanbe