client_rust
client_rust copied to clipboard
prometheus
Replace owning_ref
Owning ref is (1) seemingly unmaintained since last commit was 2 years ago and (2) unsound. Something else should probably be used.
The Owning_Ref library is used at the following files:
Histogram relevant files use this module, they cannot be used due to Security reasons! This needs to be patched where the usage of Owning_Ref is dropped!
In other issues I see this being recommended. Haven't had a chance to look too deeply, but perhaps that is a suitable replacement?
Can I work on patching the issue ? @mxinden
Yes, for sure. Help is very much appreciated.
In other issues I see this being recommended. Haven't had a chance to look too deeply, but perhaps that is a suitable replacement?
Can you tell whether it suffers the same unsoundness issues that owning_ref does?
We need owning_ref in wrapper style metrics (e.g. Family), which internally use a Mutex though want to give users access to a reference of the underlying wrapped metric (e.g. Counter). Given that this reference depends on the MutexGuard, we need to ensure that the MutexGuard lives long enough, i.e. throughout the lifetime of the reference of the wrapped metric. Without keeping the MutexGuard alive, we invalidate the properties of the Mutex itself, namely mutual exclusive access to the wrapped metric.
Thus far owning_ref offered a way to ship both the MutexGuard and the reference to the user, thus enforcing the lifetime bound.
Alternative approaches I can see:
- Use
parking_lotand itsRwLockGuard::mapmethod. - Take a
FnOnceto access the wrapped metric, instead of returning a reference to the wrapped metric. - Clone the wrapped metric on each access.
@mxinden I went through the solution parking_lot offers. I am unable to figure out how to deal with the MutexGuardedBuckets and that is preventing me from fixing the solution. What should I do next?
For the record, fix is released with v0.18.0.
https://github.com/prometheus/client_rust/pull/80