Skip to content

Race condition in webhook failure counter under concurrent delivery #756

Description

@Otaiki1

Problem

WebhookService.deliverWebhookWithRetries() issues individual UPDATE queries per failure to increment failure_count and disable webhooks (webhook.service.ts:274-289). Concurrent failures execute these reads and writes outside a transaction, so two parallel deliveries can both read the same count, both increment, and the webhook never gets disabled at MAX_FAILURES.

Fix

Wrap the read-increment-disable sequence in a DB transaction with optimistic locking, or use an atomic UPDATE ... SET failure_count = failure_count + 1 WHERE ....

File: backend/src/services/webhook.service.ts:274-289

Metadata

Metadata

Assignees

Labels

Stellar WaveFull ecosystem refactor initiative

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions