Flask uses werkzeug which is multi-threaded. Our calculation of the job
ID has various windows for race conditions around the use of self.nextid
which becomes practially relevant when flooding the API with requests,
e.g. during stress testing or performance-measuring Peekaboo. The
symptom is Peekaboo logging:
2022-05-19 10:33:39,737 - peekaboo.toolbox.cuckoo - (MainThread) -
WARNING - 17951: A job with ID 161 already registered as running for
different sample 17947 will be marked failed
Therefore we add protection of the critical section by a threading.Lock.
Also we minimise that critical section to atomic determination of this
job's ID as well as increment for succeeding jobs.
For readability and efficiency we rename nextid to lastid and thus save
calculating the last ID in a number of places.
Flask uses werkzeug which is multi-threaded. Our calculation of the job ID has various windows for race conditions around the use of self.nextid which becomes practially relevant when flooding the API with requests, e.g. during stress testing or performance-measuring Peekaboo. The symptom is Peekaboo logging:
2022-05-19 10:33:39,737 - peekaboo.toolbox.cuckoo - (MainThread) - WARNING - 17951: A job with ID 161 already registered as running for different sample 17947 will be marked failed
Therefore we add protection of the critical section by a threading.Lock. Also we minimise that critical section to atomic determination of this job's ID as well as increment for succeeding jobs.
For readability and efficiency we rename nextid to lastid and thus save calculating the last ID in a number of places.