[Cache] Fix filesystem cache collision #39786

supersmile2009

| Q             | A
| ------------- | ---
| Branch?       | 4.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | n/a
| License       | MIT
| Doc PR        | n/a

NOTE: this isn't a theoretical case but a real issue I had in a production environment.
Current filesystem cache write implementation leads to cache collision under certain conditions.
I'll try to explain the conditions that lead to it and the reasoning behind each change step by step.

  1. Once initialized, Symfony/Component/Cache/Traits/FilesystemCommonTrait::$tmp never changes. It means that if the process is forked, both processes now use the same tmp file path to write to the cache. You don't really need that much concurrency to end up with a collision this way.
    The first fix iteration that comes to mind is removing the if condition here:

    if (null === $this->tmp) {
        $this->tmp = $this->directory.uniqid('', true);
    }

    That would work better, but there's still a possibility of a race condition.

  2. As you know, uniqid() is based on the timestamp in microseconds. With enough luck and concurrency you may get exactly the same value from it in different processes/threads. The more_entropy argument is supposed to help with that; however, it doesn't work very well if it has been used before forking.
    Check out this example:

<?php

echo uniqid('', true).PHP_EOL;
$pid = pcntl_fork();
if ($pid == -1) {
    die('could not fork');
} elseif ($pid) {
    // we are the parent
    echo uniqid('', true).PHP_EOL;
    pcntl_wait($status); //Protect against Zombie children
} else {
    // we are the child
    echo uniqid('', true).PHP_EOL;
}

Output:

5ffc343b65a718.78746310
5ffc343b65dab3.19705677
5ffc343b7e6493.19705677

As you can see the 2nd and the 3rd line have the same "more entropy" value. The problem is that under the hood it's using an LCG algorithm. Once its constants are initialized, they never change and the sequence of generated numbers is pre-determined.
Thus uniqid() was replaced with bin2hex(random_bytes(40)).

  3. The change in the last step should be sufficient for the majority of use cases; however, the statefulness of this code (i.e. $this->tmp) still leads to problems when used with coroutines (Swoole) and presumably threads (I have no experience with multi-threading solutions in PHP, maybe they do some magic around it to prevent this kind of issue).
    As a result, the $tmp property was replaced with a local variable.
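
An added example, not code from this PR or from Symfony: a write path that applies both changes described above (a temp name drawn from random_bytes() on every call and held in a local variable) and additionally opens the temp file in exclusive-create mode, so a name collision fails instead of letting two writers share a file. atomicWrite() and the demo directory name are hypothetical; the fork step assumes the pcntl extension on the CLI.

```php
<?php
// Added illustration: atomicWrite() is a hypothetical helper, not a Symfony API.
function atomicWrite(string $dir, string $file, string $data): bool
{
    // Per-call name from the CSPRNG, kept in a local variable: nothing is
    // inherited across fork() and nothing is shared between coroutines.
    $tmp = $dir.'/'.bin2hex(random_bytes(20)).'.tmp';

    // 'x' creates the file exclusively and fails if the name already exists,
    // so a collision surfaces as an error rather than as interleaved writes.
    $h = @fopen($tmp, 'x');
    if (false === $h) {
        return false;
    }
    $ok = fwrite($h, $data) === strlen($data);
    fclose($h);

    // On POSIX, rename() within one filesystem swaps the entry in atomically.
    if (!$ok || !rename($tmp, $file)) {
        @unlink($tmp);
        return false;
    }
    return true;
}

$dir = sys_get_temp_dir().'/cache-demo-'.bin2hex(random_bytes(4));
mkdir($dir, 0700);

// Constructed scenario: parent and child each write an entry right after fork.
$pid = function_exists('pcntl_fork') ? pcntl_fork() : -1;
$who = 0 === $pid ? 'child' : 'parent';
atomicWrite($dir, "$dir/$who.cache", str_repeat($who, 1000)) || exit(1);

if (0 === $pid) {
    exit(0); // the child is done; only the parent verifies and cleans up
}
if ($pid > 0) {
    pcntl_wait($status);
}
foreach (glob("$dir/*.cache") as $f) {
    // Each entry must hold only its own writer's payload.
    $name = basename($f, '.cache');
    $intact = file_get_contents($f) === str_repeat($name, 1000);
    echo $name, ': ', $intact ? 'intact' : 'CORRUPT', PHP_EOL;
}
array_map('unlink', glob("$dir/*"));
rmdir($dir);
```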

@carsonbot

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 5.x branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@supersmile2009 supersmile2009 force-pushed the bugfix/filesystem-cache-collision branch from 2844a6f to 185c17a on January 11, 2021 15:23
@@ -21,7 +21,6 @@
trait FilesystemCommonTrait
{
private $directory;
private $tmp;
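Review bot: dropping `private $tmp;` from `FilesystemCommonTrait` changes what every class using the trait can see, because a trait's private members are compiled into the using class and are reachable there as `$this->tmp`. The rendered hunk has lost its +/- markers, so this reading rests on the `-21,7 +21,6` header (one line removed) and on the description's statement that `$tmp` was replaced with a local variable. On a 4.4 bug-fix branch, consider leaving the declaration in place and changing only how the temp path is generated in the write method, so the collision fix carries no visible change for classes that use the trait.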

This is a BC break, isn't it?

@nicolas-grekas

Thanks for raising the issue and sending a PR!
I started with a review but decided writing a PR would be more efficient for both of us.
See #39788

nicolas-grekas added a commit that referenced this pull request Jan 12, 2021
…lesystem adapter (nicolas-grekas)

This PR was merged into the 4.4 branch.

Discussion
----------

[Cache] fix possible collision when writing tmp file in filesystem adapter

| Q             | A
| ------------- | ---
| Branch?       | 4.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | Fix #39786
| License       | MIT
| Doc PR        | -

Commits
-------

340d15e [Cache] fix possible collision when writing tmp file in filesystem adapter