Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sdk/queue: move lock before checking queue length #13146

Merged
merged 2 commits into from
Nov 29, 2021
Merged

sdk/queue: move lock before checking queue length #13146

merged 2 commits into from
Nov 29, 2021

Conversation

jasonodonnell
Copy link
Contributor

A panic can occur when head.Pop is called if the length of the queue has changed since checking if it was empty. This is because head.Pop calls swap under the hood. Moving the lock prior to checking should prevent a panic from happening.

Panic as seen in OpenLDAP secret engine:

Nov 01 13:32:38  vault[3385105]: panic: runtime error: index out of range [0] with length 0
4Nov 01 13:32:38  vault[3385105]: goroutine 10378 [running]:
5Nov 01 13:32:38  vault[3385105]: github.com/hashicorp/vault/sdk/queue.queue.Swap(...)
6Nov 01 13:32:38  vault[3385105]:         /gopath/src/github.com/hashicorp/vault/sdk/queue/priority_queue.go:167
7Nov 01 13:32:38  vault[3385105]: container/heap.Pop(0x62f5198, 0xc010b59c80, 0x8b16dc0, 0xc001a30d50)
8Nov 01 13:32:38  vault[3385105]:         /goroot/src/container/heap/heap.go:62 +0x64
9Nov 01 13:32:38  vault[3385105]: github.com/hashicorp/vault/sdk/queue.(*PriorityQueue).Pop(0xc010b59c80, 0x0, 0x0, 0x0)
10Nov 01 13:32:38  vault[3385105]:         /gopath/src/github.com/hashicorp/vault/sdk/queue/priority_queue.go:95 +0xa7
11Nov 01 13:32:38  vault[3385105]: github.com/hashicorp/vault-plugin-secrets-openldap.(*backend).popFromRotationQueue(0xc01bf67e00, 0x0, 0x0, 0x0)
12Nov 01 13:32:38  vault[3385105]:         /gopath/pkg/mod/github.com/hashicorp/vault-plugin-secrets-openldap@v0.5.2/rotation.go:545 +0x85
13Nov 01 13:32:38  vault[3385105]: github.com/hashicorp/vault-plugin-secrets-openldap.(*backend).rotateCredential(0xc01bf67e00, 0x62dd268, 0xc010b59cc0, 0x62dee68, 0xc002b7d8c0, 0x0)
14Nov 01 13:32:38  vault[3385105]:         /gopath/pkg/mod/github.com/hashicorp/vault-plugin-secrets-openldap@v0.5.2/rotation.go:155 +0x8d
15Nov 01 13:32:38  vault[3385105]: github.com/hashicorp/vault-plugin-secrets-openldap.(*backend).rotateCredentials(...)
16Nov 01 13:32:38  vault[3385105]:         /gopath/pkg/mod/github.com/hashicorp/vault-plugin-secrets-openldap@v0.5.2/rotation.go:144
17Nov 01 13:32:38  vault[3385105]: github.com/hashicorp/vault-plugin-secrets-openldap.(*backend).runTicker(0xc01bf67e00, 0x62dd268, 0xc010b59cc0, 0x62dee68, 0xc002b7d8c0)
18Nov 01 13:32:38  vault[3385105]:         /gopath/pkg/mod/github.com/hashicorp/vault-plugin-secrets-openldap@v0.5.2/rotation.go:112 +0x116
19Nov 01 13:32:38  vault[3385105]: created by github.com/hashicorp/vault-plugin-secrets-openldap.(*backend).initQueue
20Nov 01 13:32:38  vault[3385105]:         /gopath/pkg/mod/github.com/hashicorp/vault-plugin-secrets-openldap@v0.5.2/rotation.go:449 +0x165
21Nov 01 13:32:44  vault[3391153]: Fortanix C_GetFunctionList -> 0

@jasonodonnell jasonodonnell requested a review from a team November 15, 2021 18:45
@vercel vercel bot temporarily deployed to Preview – vault November 15, 2021 18:47 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook November 15, 2021 18:47 Inactive
@calvn calvn added this to the 1.9.1 milestone Nov 15, 2021
@jasonodonnell jasonodonnell merged commit adebe3e into main Nov 29, 2021
@jasonodonnell jasonodonnell deleted the priority-queue-panic branch November 29, 2021 19:54
jasonodonnell added a commit that referenced this pull request Nov 29, 2021
@jasonodonnell
sdk/queue: move lock before checking queue length (#13146)
4fd876f 
* sdk/queue: move lock before checking queue length

* Add changelog
@jasonodonnell jasonodonnell mentioned this pull request Nov 29, 2021
Merged
jasonodonnell added a commit that referenced this pull request Nov 29, 2021
@jasonodonnell
sdk/queue: move lock before checking queue length (#13146) (#13297)
e36348b 
* sdk/queue: move lock before checking queue length

* Add changelog
qk4l pushed a commit to qk4l/vault that referenced this pull request Feb 4, 2022
@jasonodonnell
sdk/queue: move lock before checking queue length (hashicorp#13146)
a2ca07b 
* sdk/queue: move lock before checking queue length

* Add changelog
@thiskevinwang thiskevinwang mentioned this pull request Apr 25, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@calvn calvn calvn approved these changes

@tomhjp tomhjp tomhjp approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.9.1
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jasonodonnell @calvn @tomhjp