TestRateLimiterMemoryStore_TOCTOUFix verifies that the TOCTOU race condition is fixed by ensuring timeNow() is only called once per Allow() call
(t *testing.T)
| 511 | // TestRateLimiterMemoryStore_TOCTOUFix verifies that the TOCTOU race condition is fixed |
| 512 | // by ensuring timeNow() is only called once per Allow() call |
| 513 | func TestRateLimiterMemoryStore_TOCTOUFix(t *testing.T) { |
| 514 | t.Parallel() |
| 515 | |
| 516 | store := NewRateLimiterMemoryStoreWithConfig(RateLimiterMemoryStoreConfig{ |
| 517 | Rate: 1, |
| 518 | Burst: 1, |
| 519 | ExpiresIn: 2 * time.Second, |
| 520 | }) |
| 521 | |
| 522 | // Track time calls to verify we use the same time value |
| 523 | timeCallCount := 0 |
| 524 | baseTime := time.Date(2009, time.November, 10, 23, 0, 0, 0, time.UTC) |
| 525 | |
| 526 | store.timeNow = func() time.Time { |
| 527 | timeCallCount++ |
| 528 | return baseTime |
| 529 | } |
| 530 | |
| 531 | // First request - should succeed |
| 532 | allowed, err := store.Allow("127.0.0.1") |
| 533 | assert.NoError(t, err) |
| 534 | assert.True(t, allowed, "First request should be allowed") |
| 535 | |
| 536 | // Verify timeNow() was only called once |
| 537 | assert.Equal(t, 1, timeCallCount, "timeNow() should only be called once per Allow()") |
| 538 | } |
| 539 | |
| 540 | // TestRateLimiterMemoryStore_ConcurrentAccess verifies rate limiting correctness under concurrent load |
| 541 | func TestRateLimiterMemoryStore_ConcurrentAccess(t *testing.T) { |
nothing calls this directly
no test coverage detected
searching dependent graphs…