search

hashicorp / consul

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
https://www.consul.io
Other
28.31k stars 4.42k forks source link

`proxycfg.State.Watch` not protected against multiple invocations #5791

Open mkeeler opened 5 years ago

mkeeler commented 5 years ago

https://github.com/hashicorp/consul/blob/20eefeea117dcd23e30dab942acd2cf007024d9e/agent/proxycfg/state.go#L93-L109

This overwrites the current ctx and cancel function, executes the run method in a go routine and returns a chan.

The problem is that if Watch is called multiple times we could:

  1. Lose the current ctx/cancel and potentially leak some go routines
  2. Completely break everything related to this proxycfg.State. They will be sharing some internal chans so it would be possible for neither instance of the go routine running to get a complete view of the proxy configuration and never think its configuration is valid.

At this point this is all purely theoretical but we may want to prevent this in the future.

stale[bot] commented 4 years ago

Hey there, We wanted to check in on this request since it has been inactive for at least 60 days. If you think this is still an important issue in the latest version of Consul or its documentation please reply with a comment here which will cause it to stay open for investigation. If there is still no activity on this issue for 30 more days, we will go ahead and close it.

Feel free to check out the community forum as well! Thank you!