Git issue #5009 Asset cache can lead to denial of service if asset database is deleted -Fix

[SudhanshuBawane]

Closed #5009

Description

The change is regarding the denial of service from agent when asset.db gets deleted due to some external scenario. Which creates a DOS as SHA contains the some reference to the previous asset.db and hence forth the new one does not get created properly.

Change in behavior

To prevent the DOS of the agent in above scenario and keep the agent working properly. For new asset.db creation.

Added

• The new cleanUp function for cleaning up the SHA dir from cache to prevent a DOS in case of asset.db deletion.
• Added the test to check all scenarios.

Changed

• The expandWithDuration function in boltdb_manager has been changed a little for the cleanUp function support.

Fixed

• This fixes the DOS in agent in case of asset database is deleted.

Change verification

The changes can be verified not only by the test cases but also by checking the same behavior. That is delete the asset.db and make note of it's size. Then re-run the agent and it will run without populating error file exits and asset.db get recreated with same size.

[fguimond]

A couple of minor things but looks good otherwise!

[fguimond]

Don't forget to add a changelog entry.

[SudhanshuBawane]

Please add a test that shows that the boltdb manager now exhibits correct behaviour when the asset.db has been deleted

[SudhanshuBawane]

Please add a test that shows that the boltdb manager now exhibits correct behaviour when the asset.db has been deleted

May I know what kind of behavior is expected like what I need to check ?