Fix data race in WebSocket where _url is accessed without protection in setThreadName

Also fix with url usage + docker container uses fedora and works with tsan
2019-04-25 16:07:49 -07:00 · 2019-04-25 16:07:49 -07:00 · f6ae490723
commit f6ae490723
parent 7f96c43d6f
7 changed files with 34 additions and 45 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-1.4.2
+1.4.3
--- a/40
+++ b/40
@ -1,42 +1,32 @@
-# Build time
+FROM fedora:30 as build
 FROM debian:buster as build
-ENV DEBIAN_FRONTEND noninteractive
+RUN yum install -y gcc-g++
-RUN apt-get update 
+RUN yum install -y cmake
-RUN apt-get -y install wget 
+RUN yum install -y make
 RUN yum install -y openssl-devel
 RUN yum install -y wget
 RUN mkdir -p /tmp/cmake
 WORKDIR /tmp/cmake
 RUN wget https://github.com/Kitware/CMake/releases/download/v3.14.0/cmake-3.14.0-Linux-x86_64.tar.gz 
 RUN tar zxf cmake-3.14.0-Linux-x86_64.tar.gz
 RUN apt-get -y install g++ 
 RUN apt-get -y install libssl-dev
 RUN apt-get -y install libz-dev
 RUN apt-get -y install make
 COPY . .
 ARG CMAKE_BIN_PATH=/tmp/cmake/cmake-3.14.0-Linux-x86_64/bin
 ENV PATH="${CMAKE_BIN_PATH}:${PATH}"
 RUN yum install -y python
 RUN yum install -y libtsan
 COPY . .
 # RUN ["make", "test"]
 RUN ["make"]
 # Runtime
-FROM debian:buster as runtime
+FROM fedora:30 as runtime
-ENV DEBIAN_FRONTEND noninteractive
+RUN yum install -y libtsan
 RUN apt-get update 
 # Runtime 
 RUN apt-get install -y libssl1.1 
 RUN apt-get install -y ca-certificates
 RUN ["update-ca-certificates"]
-# Debugging
+RUN groupadd app && useradd -g app app 
 RUN apt-get install -y strace
 RUN apt-get install -y procps
 RUN apt-get install -y htop
 RUN adduser --disabled-password --gecos '' app
 COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
 RUN chmod +x /usr/local/bin/ws
 RUN ldd /usr/local/bin/ws
--- a/ixwebsocket/IXWebSocket.cpp
+++ b/ixwebsocket/IXWebSocket.cpp
@ -257,7 +257,7 @@ namespace ix
    void WebSocket::run()
    {
-        setThreadName(_url);
+        setThreadName(getUrl());
        while (true)
        {
--- a/test/CMakeLists.txt
+++ b/test/CMakeLists.txt
@ -8,6 +8,9 @@ project (ixwebsocket_unittest)
 set(CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/../third_party/sanitizers-cmake/cmake" ${CMAKE_MODULE_PATH})
 find_package(Sanitizers)
 # set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
 # set(CMAKE_LD_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
 set (CMAKE_CXX_STANDARD 14)
 if (NOT WIN32)
--- a/third_party/statsd-client-cpp/src/statsd_client.h
+++ b/third_party/statsd-client-cpp/src/statsd_client.h
@ -61,6 +61,6 @@ protected:
    const uint64_t max_batching_size = 32768;
 };
-}; // end namespace
+} // end namespace
 #endif
--- a/ws/ixcobra/IXCobraConnection.cpp
+++ b/ws/ixcobra/IXCobraConnection.cpp
@ -205,20 +205,18 @@ namespace ix
    }
    void CobraConnection::configure(const std::string& appkey,
-                                     const std::string& endpoint,
+                                    const std::string& endpoint,
-                                     const std::string& rolename,
+                                    const std::string& rolename,
-                                     const std::string& rolesecret,
+                                    const std::string& rolesecret,
-                                     WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions)
+                                    const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions)
    {
-        _appkey = appkey;
+        _roleName = rolename;
-        _endpoint = endpoint;
+        _roleSecret = rolesecret;
        _role_name = rolename;
        _role_secret = rolesecret;
        std::stringstream ss;
-        ss << _endpoint;
+        ss << endpoint;
        ss << "/v2?appkey=";
-        ss << _appkey;
+        ss << appkey;
        std::string url = ss.str();
        _webSocket->setUrl(url);
@ -242,7 +240,7 @@ namespace ix
    bool CobraConnection::sendHandshakeMessage()
    {
        Json::Value data;
-        data["role"] = _role_name;
+        data["role"] = _roleName;
        Json::Value body;
        body["data"] = data;
@ -304,7 +302,7 @@ namespace ix
    bool CobraConnection::sendAuthMessage(const std::string& nonce)
    {
        Json::Value credentials;
-        credentials["hash"] = hmac(nonce, _role_secret);
+        credentials["hash"] = hmac(nonce, _roleSecret);
        Json::Value body;
        body["credentials"] = credentials;
--- a/ws/ixcobra/IXCobraConnection.h
+++ b/ws/ixcobra/IXCobraConnection.h
@ -56,7 +56,7 @@ namespace ix
                       const std::string& endpoint,
                       const std::string& rolename,
                       const std::string& rolesecret,
-                       WebSocketPerMessageDeflateOptions webSocketPerMessageDeflateOptions);
+                       const WebSocketPerMessageDeflateOptions& webSocketPerMessageDeflateOptions);
        static void setTrafficTrackerCallback(const TrafficTrackerCallback& callback);
@ -135,10 +135,8 @@ namespace ix
        std::unique_ptr<WebSocket> _webSocket;
        /// Configuration data
-        std::string _appkey;
+        std::string _roleName;
-        std::string _endpoint;
+        std::string _roleSecret;
        std::string _role_name;
        std::string _role_secret;
        std::atomic<CobraConnectionPublishMode> _publishMode;
        // Can be set on control+background thread, protecting with an atomic