Skip to content

Fix a bug which could corrupt auth chains #18746

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Fix a bug which could corrupt auth chains #18746

wants to merge 2 commits into from

Conversation

kegsay
Copy link
Contributor

@kegsay kegsay commented Jul 29, 2025
edited
Loading

Complement tests

Basically, when we use /state_ids in conjunction with /event requests, the /event request can fail causing a partial state to be returned. When we persist the state, we process dependent events first. If we fail to process a dependent event due to missing the auth_event, we didn't update the in-memory event map. This meant that we could incorrectly persist events that depended on dropped events.

Discovered via Chaos testing.

Pull Request Checklist

  • Pull request is based on the develop branch
  • Pull request includes a changelog file. The entry should:
    • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
    • Use markdown where necessary, mostly for code blocks.
    • End with either a period (.) or an exclamation mark (!).
    • Start with a capital letter.
    • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
  • Code style is correct (run the linters)

@kegsay kegsay requested a review from a team as a code owner July 29, 2025 14:11
@kegsay kegsay mentioned this pull request Jul 29, 2025
Closed
1 task
@kegsay kegsay mentioned this pull request Jul 29, 2025
Open
1 task
MadLittleMods
MadLittleMods approved these changes Jul 29, 2025
View reviewed changes
synapse/handlers/federation_event.py
Comment on lines +1729 to 1733
# Drop the event from the auth_map too, else we may incorrectly persist
# events which depend on this dropped event.
auth_map.pop(event.event_id, None)
return
auth.append(ae)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Additionally, should check_state_independent_auth_rules even be using the full auth_map?

Feels like we should be constructing a subset map with just the event.auth_event_ids()

auth_events_for_event = []
auth_event_map_for_event = {}
Suggested change
# Drop the event from the auth_map too, else we may incorrectly persist
# events which depend on this dropped event.
auth_map.pop(event.event_id, None)
return
auth.append(ae)
# Drop the event from the auth_map too, else we may incorrectly persist
# events which depend on this dropped event.
auth_map.pop(event.event_id, None)
return
auth_events_for_event.append(ae)
auth_event_map_for_event[auth_event_id] = ae 
                    await check_state_independent_auth_rules(
                        self._store, event, batched_auth_events=auth_event_map_for_event
                    )
                    check_state_dependent_auth_rules(event, auth_events_for_event)

@MadLittleMods MadLittleMods mentioned this pull request Aug 5, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MadLittleMods MadLittleMods MadLittleMods approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kegsay @MadLittleMods