Fix data race in AuthorizationSessionTestFixture using an atomic

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 8.1.0-rc0, 8.0.0-rc11
    • Affects Version/s: None
    • Component/s: Security
    • None
    • Query Optimization
    • Fully Compatible
    • ALL
    • v8.0
    • QO 2024-07-08
    • 200
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      There is a data race in the AuthorizationManagerImpl::_authEnabled flag when 
      UnauthorizedSessionIsCoauthorizedWithAnybodyWhenAuthIsDisabled and AuthorizedSessionIsCoauthorizedNobodyWhenAuthIsDisabled call authzManager->setAuthEnabled(false) outside of initialization time. At the same time, the JournalFlusher thread is reading its value through isAuthEnabled().

      This is an unintended use of _authEnabled, which currently allows unsynchronized accesses because it's only expected to be set once at initialization time. To allow these unit tests (and future tests) to safely reset its value, _authEnabled should be made an atomic.

              Assignee:
              Lynne Wang
              Reporter:
              Lynne Wang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: