fix(bsr): resolve race condition errors in signature file (#4393)

* fix(bsr): resolve race condition errors in signature file * chore(bsr): add comment to define purpose of mutex lock
2 years ago · 29c09f5bc2
parent 2c669f4600
commit 29c09f5bc2
1 changed files with 11 additions and 0 deletions
--- a/internal/bsr/internal/sign/sign.go
+++ b/internal/bsr/internal/sign/sign.go
@ -12,6 +12,7 @@ import (
 	"fmt"
 	"io"
 	"io/fs"
+	"sync"

 	"github.com/hashicorp/boundary/internal/bsr/internal/is"
 	"github.com/hashicorp/boundary/internal/bsr/kms"
@ -29,6 +30,10 @@ type Writer struct {
 	buf *bytes.Buffer
 	w   io.Writer
 	tee io.Writer
+
+	// This lock protects the buf and w variables defined in this Writer struct as a
+	// consequence of these variables both being written to at the same time using tee
+	l sync.Mutex
 }

 // NewWriter returns a Writer that wraps an io.Writer.
@ -52,6 +57,8 @@ func NewWriter(_ context.Context, w io.Writer, keys *kms.Keys) (*Writer, error)
 }

 func (w *Writer) Write(b []byte) (int, error) {
+	w.l.Lock()
+	defer w.l.Unlock()
 	return w.tee.Write(b)
 }

@ -63,6 +70,8 @@ func (w *Writer) WriteString(s string) (int, error) {
 // Close implements the io.Closer method.
 func (w *Writer) Close() error {
 	const op = "sign.(Writer).Close"
+	w.l.Lock()
+	defer w.l.Unlock()
 	var i interface{} = w.w
 	v, ok := i.(io.WriteCloser)
 	if ok {
@ -75,6 +84,8 @@ func (w *Writer) Close() error {

 // Sign returns the signature of the data written to the writer.
 func (w *Writer) Sign(ctx context.Context) (*wrapping.SigInfo, error) {
+	w.l.Lock()
+	defer w.l.Unlock()
 	sig, err := w.keys.SignWithPrivKey(ctx, w.buf.Bytes())
 	if err != nil {
 		return nil, err