Description
I have a global var pricer *doubleclick.DoubleClickPricer and many requests are using the same pricer to decrypt a price. And I saw some strange results and today finally saw three panics with the following stack:
Error: d.nx != 0
crypto/sha1.(*digest).checkSum(0xc0000f0790)
crypto/sha1/sha1.go:183 +0x16d
crypto/sha1.(*digest).Sum(0x8?, {0x0, 0x0, 0x0})
crypto/sha1/sha1.go:162 +0x7d
crypto/hmac.(*hmac).Sum(0xc000914060, {0x0?, 0x0, 0xc0010a3c01?})
crypto/hmac/hmac.go:58 +0x38
github.com/benjaminch/pricers/helpers.HmacSum({0xc1dc20, 0xc000914060}, {0xc00090e7e0, 0x8, 0x8}, {0xc00090e7d0, 0x10, 0x10})
github.com/benjaminch/pricers@v0.2.2-0.20220905152655-c79300e30332/helpers/helpers.go:87 +0xa3
github.com/benjaminch/pricers/doubleclick.(*DoubleClickPricer).Decrypt(0xc0009140c0, {0xc0008292c0?, 0x26?})
github.com/benjaminch/pricers@v0.2.2-0.20220905152655-c79300e30332/doubleclick/doubleclick_pricer.go:174 +0x6c5
The auction price string was totally correct and I decoded it successfully when tried locally.
So from what I see the panic is thrown from here
func HmacSum(hmac hash.Hash, buf, buf2 []byte) []byte {
hmac.Reset()
hmac.Write(buf)
}And the hmac may be dc.integrityKey or dc.encryptionKey fields. But here their value is changing!
That's why two concurrent requests may erase each other values.
I don't know how to fix this properly. Just for now I added a lock to avoid concurrent execution.
But I'm afraid that I have to create a new instance of the pricer each time.
Could you please confirm and suggest any possible fix for this? For example we may copy the i_key and e_key before the hmac calculation.