dohertj2/wwtools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mbproxy: remediate the 2026-05-16 code-review findings

Browse Source 
Fixes every finding from the codereviews/2026-05-16 multi-agent review
(2 Critical, 20 Major, 38 Minor) and adds that review to the repo.

Highlights: dashboard XSS escape; response cache invalidated on the
write request (not just the response); ReloadValidator now runs at
startup so port collisions / duplicate names / malformed Resilience
profiles fail fast; AdminPort 0 genuinely disables the admin endpoint;
PlcListener accept-loop faults propagate to the supervisor's faulted
path; reconciler Restart builds before removing; Resilience pipelines
are restart-only from a frozen snapshot; multiplexer connect-race leak,
watchdog party-list snapshot, backend-response and FC16 framing
validation; frontend reconnect retry and util.js load guard; plus the
log-event/doc drift sweep and test-port hygiene.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
2026-05-16 18:08:06 -04:00
parent 0308490aef
commit b222362ce0
45 changed files with 1735 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mbproxy/src/Mbproxy/Proxy/Multiplexing/TxIdAllocator.cs
+15
View File
@@ -32,6 +32,7 @@ internal sealed class TxIdAllocator
private ushort _next; // rolling cursor; 0 on construction
private int _inFlightCount; // 0..65536
private long _wrapCount; // monotonic; never resets
private long _doubleReleaseCount; // monotonic; Release called on an already-free slot
/// <summary>
/// Number of currently-in-flight proxy TxIds (i.e., allocated but not yet released).
@@ -56,6 +57,14 @@ internal sealed class TxIdAllocator
/// </summary>
public long WrapCount => Interlocked.Read(ref _wrapCount);
/// <summary>
/// Number of times <see cref="Release"/> was called on a slot that was already free.
/// A double-release is normally a benign cascade-vs-timeout race, but a sustained
/// non-zero rate points at the documented <c>TearDownBackendAsync</c> gate-not-held
/// race actually firing — making the otherwise-silent request drop observable.
/// </summary>
public long DoubleReleaseCount => Interlocked.Read(ref _doubleReleaseCount);
/// <summary>
/// Attempts to allocate the next free proxy TxId.
/// Returns <c>true</c> with <paramref name="id"/> set when an ID was allocated.
@@ -125,6 +134,12 @@ internal sealed class TxIdAllocator
_inUse[id] = false;
_inFlightCount--;
}
else
{
// Double-release: the slot was already free. Harmless to the allocator
// (idempotent) but tracked so the rare cascade-vs-timeout race is visible.
Interlocked.Increment(ref _doubleReleaseCount);
}
}
}