1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-22 12:50:55 +00:00

Merge pull request #3922 from BurtonQin/bug-1-2-3-inconsistent-field-protection

cache, context, session: add lock to fix inconsistent field protection
This commit is contained in:
astaxie 2020-02-22 15:09:25 +08:00 committed by GitHub
commit 8f3d1c5f42
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 0 deletions

3
cache/memory.go vendored
View File

@ -218,9 +218,12 @@ func (bc *MemoryCache) vacuum() {
} }
for { for {
<-time.After(bc.dur) <-time.After(bc.dur)
bc.RLock()
if bc.items == nil { if bc.items == nil {
bc.RUnlock()
return return
} }
bc.RUnlock()
if keys := bc.expiredKeys(); len(keys) != 0 { if keys := bc.expiredKeys(); len(keys) != 0 {
bc.clearItems(keys) bc.clearItems(keys)
} }

View File

@ -71,7 +71,9 @@ func (input *BeegoInput) Reset(ctx *Context) {
input.CruSession = nil input.CruSession = nil
input.pnames = input.pnames[:0] input.pnames = input.pnames[:0]
input.pvalues = input.pvalues[:0] input.pvalues = input.pvalues[:0]
input.dataLock.Lock()
input.data = nil input.data = nil
input.dataLock.Unlock()
input.RequestBody = []byte{} input.RequestBody = []byte{}
} }

View File

@ -74,7 +74,9 @@ func (st *CookieSessionStore) SessionID() string {
// SessionRelease Write cookie session to http response cookie // SessionRelease Write cookie session to http response cookie
func (st *CookieSessionStore) SessionRelease(w http.ResponseWriter) { func (st *CookieSessionStore) SessionRelease(w http.ResponseWriter) {
st.lock.Lock()
encodedCookie, err := encodeCookie(cookiepder.block, cookiepder.config.SecurityKey, cookiepder.config.SecurityName, st.values) encodedCookie, err := encodeCookie(cookiepder.block, cookiepder.config.SecurityKey, cookiepder.config.SecurityName, st.values)
st.lock.Unlock()
if err == nil { if err == nil {
cookie := &http.Cookie{Name: cookiepder.config.CookieName, cookie := &http.Cookie{Name: cookiepder.config.CookieName,
Value: url.QueryEscape(encodedCookie), Value: url.QueryEscape(encodedCookie),