Skip to content

v0.11.105

Choose a tag to compare

View all tags
@zalando-robot zalando-robot released this 04 Jun 08:14
v0.11.105
8f3bb2b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Changes

OIDC introspection concurrency crashes (#1435)
Turns out the gjson internal map access for "modifiers" is not thread safe:
tidwall/gjson#173
It accesses a map unsyncronized causing application crashes during RW operations:

fatal error: concurrent map writes
goroutine 4555 [running]:
runtime.throw(0x1041950, 0x15)
	/usr/local/go/src/runtime/panic.go:1116 +0x72 fp=0xc001dc5338 sp=0xc001dc5308 pc=0x434b42
runtime.mapassign_faststr(0xecda00, 0xc000118f60, 0x102fe84, 0x1, 0x0)
	/usr/local/go/src/runtime/map_faststr.go:291 +0x3de fp=0xc001dc53a0 sp=0xc001dc5338 pc=0x41375e
github.com/tidwall/gjson.AddModifier(...)
	/go/pkg/mod/github.com/tidwall/gjson@v1.4.0/gjson.go:2612

This workaround uses Mutex semaphores in order to achieve thread safety, that might be slower however as an improvement the write operation is only conditional now which will be rare.

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/pathfinder/skipper:v0.11.105 skipper --help
# arm64
docker run -it registry.opensource.zalan.do/pathfinder/skipper-arm64:v0.11.105 skipper --help
# arm v7 32bit
docker run -it registry.opensource.zalan.do/pathfinder/skipper-armv7:v0.11.105 skipper --help
Assets 8
Loading