github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-22 08:49:06 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: race condition in Discourse.cache.fetch (#28124)

Browse Source 
When using `Discourse.cache.fetch` with an expiry, there's a potential for a race condition due to how we read the data from redis.

The code used to be

```ruby
raw = redis.get(key) if !force
entry = read_entry(key) if raw
return entry if raw && !(entry == :__corrupt_cache__)
```

with `read_entry` defined as follow

```ruby
def read_entry(key)
  if data = redis.get(key)
    Marshal.load(data)
  end
rescue => e
  :__corrupt_cache__
end
```

If the value at "key" expired in redis between `raw = redis.get` and `entry = read_entry`, the `entry` variable would be `nil` despite `raw` having a value.

We would then proceed to return `entry` (which is `nil`) thinking it had a value, when it didn't.

The first `redis.get` can be skipped altogether and we can rely only on `read_entry` to read the data from redis. Thus avoiding the race condition and removing the double read operations.

Internal ref - t/132507
This commit is contained in:
Régis Hanol 2024-07-30 09:08:12 +02:00 committed by GitHub
parent 1239287697
commit d5cd669464
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 25 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/cache.rb
View File

@ -82,9 +82,13 @@ class Cache
end end
key = normalize_key(name) key = normalize_key(name)
raw = redis.get(key) if !force
entry = read_entry(key) if raw if !force
return entry if raw && !(entry == :__corrupt_cache__) if raw = redis.get(key)
entry = decode_entry(raw, key)
return entry if entry != :__corrupt_cache__
end
end
val = blk.call val = blk.call
write_entry(key, val, expires_in: expires_in) write_entry(key, val, expires_in: expires_in)
@ -99,10 +103,8 @@ class Cache
Discourse.warn_exception(e, message: "Corrupt cache... skipping entry for key #{key}") Discourse.warn_exception(e, message: "Corrupt cache... skipping entry for key #{key}")
end end
def read_entry(key) def decode_entry(raw, key)
if data = redis.get(key) Marshal.load(raw) # rubocop:disable Security/MarshalLoad
Marshal.load(data) # rubocop:disable Security/MarshalLoad
end
rescue => e rescue => e
# corrupt cache, this can happen if Marshal version # corrupt cache, this can happen if Marshal version
# changes. Log it once so we can tell it is happening. # changes. Log it once so we can tell it is happening.
@ -112,6 +114,12 @@ class Cache
:__corrupt_cache__ :__corrupt_cache__
end end
def read_entry(key)
if data = redis.get(key)
decode_entry(data, key)
end
end
def write_entry(key, value, expires_in: nil) def write_entry(key, value, expires_in: nil)
dumped = Marshal.dump(value) dumped = Marshal.dump(value)
expiry = expires_in || MAX_CACHE_AGE expiry = expires_in || MAX_CACHE_AGE

10
spec/lib/cache_spec.rb
View File

@ -121,5 +121,15 @@ RSpec.describe Cache do
expect(cache.read("my_key")).to eq("bob") expect(cache.read("my_key")).to eq("bob")
end end
end end
it "isn't prone to a race condition due to key expiring between GET calls" do
key = cache.normalize_key("my_key")
# while this is not technically testing the race condition, it's
# ensuring we're only calling redis.get once, which is a good enough proxy
Discourse.redis.stubs(:get).with(key).returns(Marshal.dump("bob")).once
expect(fetch_value).to eq("bob")
end
end end
end end