transport: protect field access with transport to avoid possible data race

Open yanke-xu opened this issue 2 years ago • 0 comments

Fixed inconsistency and also potential data race in weave/vendor/k8s.io/client-go/transport/cert_rotation.go: c.clientCert is read/written 4 times in weave/vendor/k8s.io/client-go/transport/cert_rotation.go; 3 out of 4 times it is protected by c.certMtx; 1 out of 4 times it is read without a Lock, which is in func loadClientCert() on L75. A data race may happen when loadClientCert() and loadClientCert() are called in parallel.

For example: for { ...... go loadClientCert() ...... }

In order to avoid potential data race here, I use c.certMtx.RLock(); defer c.certMtx.RUnlock() to make sure that all usages of items is in critical section.

Mar 07 '23 02:03 yanke-xu