From 7e64e105a053f2d66e1d88a73d62c405a687a411 Mon Sep 17 00:00:00 2001 From: Nick Cabatoff Date: Fri, 22 Apr 2022 13:04:34 -0400 Subject: [PATCH] Clone identity objects to prevent races. (#15123) --- changelog/15123.txt | 3 +++ vault/identity_store_entities.go | 2 +- vault/identity_store_util.go | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 changelog/15123.txt diff --git a/changelog/15123.txt b/changelog/15123.txt new file mode 100644 index 000000000..51223e400 --- /dev/null +++ b/changelog/15123.txt @@ -0,0 +1,3 @@ +```release-note:improvement +core: Fix some identity data races found by Go race detector (no known impact yet). +``` diff --git a/vault/identity_store_entities.go b/vault/identity_store_entities.go index 6d90dcbdb..cc85d0179 100644 --- a/vault/identity_store_entities.go +++ b/vault/identity_store_entities.go @@ -786,7 +786,7 @@ func (i *IdentityStore) mergeEntity(ctx context.Context, txn *memdb.Txn, toEntit return errors.New("to_entity_id should not be present in from_entity_ids"), nil } - fromEntity, err := i.MemDBEntityByID(fromEntityID, false) + fromEntity, err := i.MemDBEntityByID(fromEntityID, true) if err != nil { return nil, err } diff --git a/vault/identity_store_util.go b/vault/identity_store_util.go index f026412fc..5f9e891e7 100644 --- a/vault/identity_store_util.go +++ b/vault/identity_store_util.go @@ -667,7 +667,7 @@ func (i *IdentityStore) processLocalAlias(ctx context.Context, lAlias *logical.A return nil, fmt.Errorf("mount accessor %q is not local", lAlias.MountAccessor) } - alias, err := i.MemDBAliasByFactors(lAlias.MountAccessor, lAlias.Name, false, false) + alias, err := i.MemDBAliasByFactors(lAlias.MountAccessor, lAlias.Name, true, false) if err != nil { return nil, err }