< Previous by Date Date Index Next by Date >
  Thread Index  

[reSIProcate] Question about thread-safety in RRVip


While working on the greylisting code, I have noticed something disturbing. From what I can tell, the RRVip ends up being accessed by two different threads. 

There are the access that comes from a callback to DnsStub::Query::process() from ares:

*snip*
      if (bGotAnswers)
      {
         mReQuery = 0;
         DnsResourceRecordsByPtr result;
         int queryStatus = 0;
         RRCache::instance()->lookup(targetToQuery, mRRType, mProto, result, queryStatus);
         if (mTransform) mTransform->transform(targetToQuery, mRRType, result);
         mResultConverter->notifyUser(mTarget, queryStatus, mStub.errorMessage(queryStatus), result, mSink);
      }
*snip*

and there are the accesses that come from the stack's thread, through DnsResult

in DnsResult::whitelistLast()
*snip*
void
DnsResult::whitelistLast()
{
   std::vector<Item>::iterator i;
   for (i=mLastReturnedPath.begin(); i!=mLastReturnedPath.end(); ++i)
   {
      DebugLog( << "Whitelisting " << i->domain << "(" << i->rrType << "): " << i->value);
      mVip.vip(i->domain, i->rrType, i->value);
   }
}
*snip*

in DnsResult::blacklistLastReturnedResult()
*snip*
void DnsResult::blacklistLastReturnedResult(UInt64 expiry)
{
   assert(!mLastReturnedPath.empty());
   assert(mLastReturnedPath.size()<=3);
   Item top = mLastReturnedPath.back();

   DnsResult::blacklist(mLastResult,expiry);

   DebugLog( << "Remove vip " << top.domain << "(" << top.rrType << ")");
   mVip.removeVip(top.domain, top.rrType);
}
*snip*

Unless I am mistaken about the call to DnsStub::Query::process() coming from ares as a callback, this needs to be fixed pronto.

Best regards,
Byron Campen

Attachment: smime.p7s
Description: S/MIME cryptographic signature