Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

transport: protect field access with transport to avoid possible data race #3985

Jump to bottom
Jump to bottom
Open
Open
transport: protect field access with transport to avoid possible data race#3985
@yanke-xu

Description

@yanke-xu
yanke-xu
opened on Mar 7, 2023

Fixed inconsistency and also potential data race in weave/vendor/k8s.io/client-go/transport/cert_rotation.go:
c.clientCert is read/written 4 times in weave/vendor/k8s.io/client-go/transport/cert_rotation.go; 3 out of 4 times it is protected by c.certMtx; 1 out of 4 times it is read without a Lock, which is in func loadClientCert() on L75.
A data race may happen when loadClientCert() and loadClientCert() are called in parallel.

For example:
for {
......
go loadClientCert()
......
}

In order to avoid potential data race here, I use c.certMtx.RLock(); defer c.certMtx.RUnlock() to make sure that all usages of items is in critical section.

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions