Skip to content

Core: Handles possible heap data corruption of OAuth2Util.AuthSession#headers#10615

Merged
amogh-jahagirdar merged 1 commit into
apache:mainfrom
tlm365:auth-atomic
Jul 4, 2024
Merged

Core: Handles possible heap data corruption of OAuth2Util.AuthSession#headers#10615
amogh-jahagirdar merged 1 commit into
apache:mainfrom
tlm365:auth-atomic

Conversation

@tlm365

@tlm365 tlm365 commented Jun 30, 2024

Copy link
Copy Markdown
Contributor

Closes #10591.

@github-actions github-actions Bot added the core label Jun 30, 2024
snazy
snazy reviewed Jul 1, 2024
View reviewed changes
Comment thread core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java Outdated
.tokenType(response.issuedTokenType())
.build();
this.headers = RESTUtil.merge(headers, authHeaders(config.token()));
synchronized (lock) {

@snazy snazy Jul 1, 2024

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe just a simple

Suggested change
synchronized (lock) {
synchronized (this) {

?

@adutra adutra Jul 1, 2024

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TBH I'm not convinced that a lock solves a real problem. In practice, this method cannot be called concurrently, therefore just dissociating reading the field and writing the field back is enough to clarify the intents here:

Map<String, String> headers = this.headers;
this.headers = RESTUtil.merge(headers, authHeaders(config.token()));

@tlm365 tlm365 Jul 2, 2024

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@snazy @adutra thanks so much for reviewing

Maybe just a simple?

@snazy I just wanna avoid using synchronized on class. See: https://stackoverflow.com/questions/442564/avoid-synchronizedthis-in-java

TBH I'm not convinced that a lock solves a real problem. In practice, this method cannot be called concurrently, therefore just dissociating reading the field and writing the field back is enough to clarify the intents here:

@adutra "this method cannot be called concurrently" - could you explain why, pls? The RESTUtil.merge(...) function read a volatile variable (headers), so I think synchronized might make sense here.

@adutra

adutra commented Jul 2, 2024

Copy link
Copy Markdown
Contributor

@tlm365 AuthSession.refresh() is invoked from two places:

  • fromAccessToken(): creates a new AuthSession instance each time, so no concurrent access can happen here.
  • scheduleTokenRefresh(): cannot be called concurrently given the access patterns (it's called first on catalog initialization – which we can assume is single-threaded –, then called by itself recursively from within the refresh executor thread).

amogh-jahagirdar
amogh-jahagirdar reviewed Jul 2, 2024
View reviewed changes

@amogh-jahagirdar amogh-jahagirdar left a comment
edited
Loading

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with @adutra , I don't think a lock is necessary here. You can just read the volatile value into a temporary variable and use that temporary variable when merging and assign that to the field.

@tlm365

tlm365 commented Jul 2, 2024

Copy link
Copy Markdown
Contributor Author

@adutra @amogh-jahagirdar thanks for reviewing, I've updated it.

amogh-jahagirdar
amogh-jahagirdar reviewed Jul 2, 2024
View reviewed changes
Comment thread core/src/main/java/org/apache/iceberg/rest/auth/OAuth2Util.java Outdated
@tlm365
Core: Handles possible heap data corruption of OAuth2Util.AuthSession…
5a93a28 
…#headers

Signed-off-by: Tai Le Manh <manhtai.lmt@gmail.com>
amogh-jahagirdar
amogh-jahagirdar approved these changes Jul 2, 2024
View reviewed changes

@amogh-jahagirdar amogh-jahagirdar left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @tlm365 I will merge when checks pass.

@amogh-jahagirdar amogh-jahagirdar merged commit fc213cc into apache:main Jul 4, 2024
jasonf20 pushed a commit to jasonf20/iceberg that referenced this pull request Aug 4, 2024
@tlm365 @jasonf20
Core: Handle possible heap data corruption in OAuth2Util.AuthSession#…
085dc80 
…headers (apache#10615)

Signed-off-by: Tai Le Manh <manhtai.lmt@gmail.com>
zachdisc pushed a commit to zachdisc/iceberg that referenced this pull request Dec 23, 2024
@tlm365 @zachdisc
Core: Handle possible heap data corruption in OAuth2Util.AuthSession#…
3674302 
…headers (apache#10615)

Signed-off-by: Tai Le Manh <manhtai.lmt@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amogh-jahagirdar amogh-jahagirdar amogh-jahagirdar approved these changes
+2 more reviewers
@adutra adutra adutra left review comments
@snazy snazy snazy left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

core

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Possible heap data corruption of org.apache.iceberg.rest.auth.OAuth2Util.AuthSession#headers

4 participants

@tlm365 @adutra @snazy @amogh-jahagirdar