Fix data race in WebSocket where _url is accessed without protection in setThreadName

Also fix with url usage + docker container uses fedora and works with tsan
2019-04-25 16:07:49 -07:00 · 2019-04-25 16:07:49 -07:00 · f6ae490723
commit f6ae490723
parent 7f96c43d6f
7 changed files with 34 additions and 45 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-1.4.2
+1.4.3
--- a/40
+++ b/40
@ -1,42 +1,32 @@
-# Build time
-FROM debian:buster as build
+FROM fedora:30 as build

-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-RUN apt-get -y install wget 
+RUN yum install -y gcc-g++
+RUN yum install -y cmake
+RUN yum install -y make
+RUN yum install -y openssl-devel
+
+RUN yum install -y wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
 RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz

-RUN apt-get -y install g++ 
-RUN apt-get -y install libssl-dev
-RUN apt-get -y install libz-dev
-RUN apt-get -y install make
-
-COPY . .
-
 ARG CMAKE_BIN_PATH=/tmp/cmake/cmake-3.14.0-Linux-x86_64/bin
 ENV PATH="${CMAKE_BIN_PATH}:${PATH}"

+RUN yum install -y python
+RUN yum install -y libtsan
+
+COPY . .
+# RUN ["make", "test"]
 RUN ["make"]

 # Runtime
-FROM debian:buster as runtime
+FROM fedora:30 as runtime

-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update 
-# Runtime 
-RUN apt-get install -y libssl1.1 
-RUN apt-get install -y ca-certificates
-RUN ["update-ca-certificates"]
+RUN yum install -y libtsan

-# Debugging
-RUN apt-get install -y strace
-RUN apt-get install -y procps
-RUN apt-get install -y htop
-
-RUN adduser --disabled-password --gecos '' app
+RUN groupadd app && useradd -g app app 
 COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
 RUN chmod +x /usr/local/bin/ws
 RUN ldd /usr/local/bin/ws
--- a/ixwebsocket/IXWebSocket.cpp
+++ b/ixwebsocket/IXWebSocket.cpp
@ -257,7 +257,7 @@ namespace ix

    void WebSocket::run()
    {
-        setThreadName(_url);
+        setThreadName(getUrl());

        while (true)
        {
--- a/test/CMakeLists.txt
+++ b/test/CMakeLists.txt
@ -8,6 +8,9 @@ project (ixwebsocket_unittest)
 set(CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/../third_party/sanitizers-cmake/cmake" ${CMAKE_MODULE_PATH})
 find_package(Sanitizers)

+# set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
+# set(CMAKE_LD_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
+
 set (CMAKE_CXX_STANDARD 14)

 if (NOT WIN32)
--- a/third_party/statsd-client-cpp/src/statsd_client.h
+++ b/third_party/statsd-client-cpp/src/statsd_client.h
@ -61,6 +61,6 @@ protected:
    const uint64_t max_batching_size = 32768;
 };

-}; // end namespace
+} // end namespace

 #endif
--- a/ws/ixcobra/IXCobraConnection.cpp
+++ b/ws/ixcobra/IXCobraConnection.cpp
@ -205,20 +205,18 @@ namespace ix
    }

    void CobraConnection::configure(const std::string& appkey,
-                                     const std::string& endpoint,
-                                     const std::string& rolename,
-                                     const std::string& rolesecret,
-                                     WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions)
+                                    const std::string& endpoint,
+                                    const std::string& rolename,
+                                    const std::string& rolesecret,
+                                    const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions)
    {
-        _appkey = appkey;
-        _endpoint = endpoint;
-        _role_name = rolename;
-        _role_secret = rolesecret;
+        _roleName = rolename;
+        _roleSecret = rolesecret;

        std::stringstream ss;
-        ss << _endpoint;
+        ss << endpoint;
        ss << "/v2?appkey=";
-        ss << _appkey;
+        ss << appkey;

        std::string url = ss.str();
        _webSocket->setUrl(url);
@ -242,7 +240,7 @@ namespace ix
    bool CobraConnection::sendHandshakeMessage()
    {
        Json::Value data;
-        data["role"] = _role_name;
+        data["role"] = _roleName;

        Json::Value body;
        body["data"] = data;
@ -304,7 +302,7 @@ namespace ix
    bool CobraConnection::sendAuthMessage(const std::string& nonce)
    {
        Json::Value credentials;
-        credentials["hash"] = hmac(nonce, _role_secret);
+        credentials["hash"] = hmac(nonce, _roleSecret);

        Json::Value body;
        body["credentials"] = credentials;
--- a/ws/ixcobra/IXCobraConnection.h
+++ b/ws/ixcobra/IXCobraConnection.h
@ -56,7 +56,7 @@ namespace ix
                       const std::string& endpoint,
                       const std::string& rolename,
                       const std::string& rolesecret,
-                       WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions);
+                       const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions);

        static void setTrafficTrackerCallback(const TrafficTrackerCallback& callback);

@ -135,10 +135,8 @@ namespace ix
        std::unique_ptr<WebSocket> _webSocket;

        /// Configuration data
-        std::string _appkey;
-        std::string _endpoint;
-        std::string _role_name;
-        std::string _role_secret;
+        std::string _roleName;
+        std::string _roleSecret;
        std::atomic<CobraConnectionPublishMode> _publishMode;

        // Can be set on control+background thread, protecting with an atomic
 @ -1 +1 @@
 .4.2
 .4.3