* [PATCH] proxy_pass: fix race condition due to ensure
@ 2015-05-08 22:24 Eric Wong
0 siblings, 0 replies; 2+ messages in thread
From: Eric Wong @ 2015-05-08 22:24 UTC (permalink / raw)
To: yahns-public
When calling proxy_busy_mod_blocked to re-enable a descriptor via
epoll, the ensure block is dangerous because the "ensure" clause
modifies the object after the ReqRes is injected into epoll.
This is extremely dangerous as we give up exclusive access to
the object once we call epoll_ctl.
This simplifies the code a bit while we're at it.
---
lib/yahns/proxy_http_response.rb | 34 +++++++++++++++-------------------
1 file changed, 15 insertions(+), 19 deletions(-)
diff --git a/lib/yahns/proxy_http_response.rb b/lib/yahns/proxy_http_response.rb
index 5bb0608..90a9395 100644
--- a/lib/yahns/proxy_http_response.rb
+++ b/lib/yahns/proxy_http_response.rb
@@ -47,6 +47,13 @@ module Yahns::HttpResponse # :nodoc:
wbuf.wbuf_abort if wbuf
end
+ def wait_on_upstream(req_res, alive, wbuf)
+ req_res.resbuf = wbuf || Yahns::Wbuf.new(nil, alive,
+ self.class.output_buffer_tmpdir,
+ false)
+ :wait_readable # self remains in :ignore, wait on upstream
+ end
+
# returns :wait_readable if we need to read more from req_res
# returns :ignore if we yield control to the client(self)
# returns nil if completely done
@@ -58,8 +65,7 @@ module Yahns::HttpResponse # :nodoc:
have_body = !Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include?(si) &&
env[REQUEST_METHOD] != HEAD
flags = MSG_DONTWAIT
- k = self.class
- alive = @hs.next? && k.persistent_connections
+ alive = @hs.next? && self.class.persistent_connections
res = "HTTP/1.1 #{status}\r\n"
headers.each do |key,value| # n.b.: headers is an Array of 2-element Arrays
@@ -101,9 +107,7 @@ module Yahns::HttpResponse # :nodoc:
when nil # premature EOF
return proxy_err_response(nil, req_res, nil, wbuf)
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable # self remains in :ignore, wait on upstream
+ return wait_on_upstream(req_res, alive, wbuf)
end until len == 0
elsif kcar.chunked? # nasty chunked body
@@ -116,9 +120,7 @@ module Yahns::HttpResponse # :nodoc:
when nil # premature EOF
return proxy_err_response(nil, req_res, nil, wbuf)
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable # self remains in :ignore, wait on upstream
+ return wait_on_upstream(req_res, alive, wbuf)
end until kcar.body_eof?
buf = tmp
@@ -129,9 +131,7 @@ module Yahns::HttpResponse # :nodoc:
when String
buf << rv
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable
+ return wait_on_upstream(req_res, alive, wbuf)
when nil # premature EOF
return proxy_err_response(nil, req_res, nil, wbuf)
end # no loop here
@@ -147,21 +147,17 @@ module Yahns::HttpResponse # :nodoc:
req_res.shutdown
break
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable # self remains in :ignore, wait on upstream
+ return wait_on_upstream(req_res, alive, wbuf)
end while true
end
end
- wbuf and return proxy_busy_mod_blocked(wbuf, wbuf.busy)
- proxy_busy_mod_done(alive)
+ return proxy_busy_mod_done(alive) unless wbuf
+ req_res.resbuf = wbuf
+ proxy_busy_mod_blocked(wbuf, wbuf.busy)
rescue => e
proxy_err_response(502, req_res, e, wbuf)
- ensure
- # this happens if this method returns :wait_readable
- req_res.resbuf = wbuf if wbuf
end
def proxy_response_finish(kcar, wbuf, req_res)
--
EW
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [PATCH] proxy_pass: fix race condition due to ensure
@ 2015-05-09 1:05 Eric Wong
0 siblings, 0 replies; 2+ messages in thread
From: Eric Wong @ 2015-05-09 1:05 UTC (permalink / raw)
To: yahns-public
When calling proxy_busy_mod_blocked to re-enable a descriptor via
epoll, the ensure block is dangerous because the "ensure" clause
modifies the object after the ReqRes is injected into epoll.
This is extremely dangerous as we give up exclusive access to
the object once we call epoll_ctl.
This simplifies the code a bit while we're at it.
---
lib/yahns/proxy_http_response.rb | 34 +++++++++++++++-------------------
1 file changed, 15 insertions(+), 19 deletions(-)
diff --git a/lib/yahns/proxy_http_response.rb b/lib/yahns/proxy_http_response.rb
index 5bb0608..90a9395 100644
--- a/lib/yahns/proxy_http_response.rb
+++ b/lib/yahns/proxy_http_response.rb
@@ -47,6 +47,13 @@ module Yahns::HttpResponse # :nodoc:
wbuf.wbuf_abort if wbuf
end
+ def wait_on_upstream(req_res, alive, wbuf)
+ req_res.resbuf = wbuf || Yahns::Wbuf.new(nil, alive,
+ self.class.output_buffer_tmpdir,
+ false)
+ :wait_readable # self remains in :ignore, wait on upstream
+ end
+
# returns :wait_readable if we need to read more from req_res
# returns :ignore if we yield control to the client(self)
# returns nil if completely done
@@ -58,8 +65,7 @@ module Yahns::HttpResponse # :nodoc:
have_body = !Rack::Utils::STATUS_WITH_NO_ENTITY_BODY.include?(si) &&
env[REQUEST_METHOD] != HEAD
flags = MSG_DONTWAIT
- k = self.class
- alive = @hs.next? && k.persistent_connections
+ alive = @hs.next? && self.class.persistent_connections
res = "HTTP/1.1 #{status}\r\n"
headers.each do |key,value| # n.b.: headers is an Array of 2-element Arrays
@@ -101,9 +107,7 @@ module Yahns::HttpResponse # :nodoc:
when nil # premature EOF
return proxy_err_response(nil, req_res, nil, wbuf)
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable # self remains in :ignore, wait on upstream
+ return wait_on_upstream(req_res, alive, wbuf)
end until len == 0
elsif kcar.chunked? # nasty chunked body
@@ -116,9 +120,7 @@ module Yahns::HttpResponse # :nodoc:
when nil # premature EOF
return proxy_err_response(nil, req_res, nil, wbuf)
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable # self remains in :ignore, wait on upstream
+ return wait_on_upstream(req_res, alive, wbuf)
end until kcar.body_eof?
buf = tmp
@@ -129,9 +131,7 @@ module Yahns::HttpResponse # :nodoc:
when String
buf << rv
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable
+ return wait_on_upstream(req_res, alive, wbuf)
when nil # premature EOF
return proxy_err_response(nil, req_res, nil, wbuf)
end # no loop here
@@ -147,21 +147,17 @@ module Yahns::HttpResponse # :nodoc:
req_res.shutdown
break
when :wait_readable
- # for ensure:
- wbuf ||= Yahns::Wbuf.new(nil, alive, k.output_buffer_tmpdir, false)
- return :wait_readable # self remains in :ignore, wait on upstream
+ return wait_on_upstream(req_res, alive, wbuf)
end while true
end
end
- wbuf and return proxy_busy_mod_blocked(wbuf, wbuf.busy)
- proxy_busy_mod_done(alive)
+ return proxy_busy_mod_done(alive) unless wbuf
+ req_res.resbuf = wbuf
+ proxy_busy_mod_blocked(wbuf, wbuf.busy)
rescue => e
proxy_err_response(502, req_res, e, wbuf)
- ensure
- # this happens if this method returns :wait_readable
- req_res.resbuf = wbuf if wbuf
end
def proxy_response_finish(kcar, wbuf, req_res)
--
EW
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-05-09 1:05 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-05-08 22:24 [PATCH] proxy_pass: fix race condition due to ensure Eric Wong
-- strict thread matches above, loose matches on Subject: below --
2015-05-09 1:05 Eric Wong
Code repositories for project(s) associated with this public inbox
https://yhbt.net/yahns.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).