Skip to content

Latest commit

 

History

History
198 lines (149 loc) · 9.65 KB

mitigations.md

File metadata and controls

198 lines (149 loc) · 9.65 KB

Mitigation Strategies Analysis for reactivex/rxkotlin

Mitigation Strategy: Backpressure Handling

Description:

  1. Identify Critical Observables: Analyze Observables interacting with high-volume sources (network, files, user input).
  2. Choose a Backpressure Strategy: Select the appropriate RxKotlin operator:
    • onBackpressureBuffer: Buffers events (configure buffer size).
    • onBackpressureDrop: Discards events.
    • onBackpressureLatest: Keeps only the latest event.
    • sample: Emits the most recent item within a time window.
  3. Apply the Operator: Insert the operator into the Observable chain (near the source).
  4. Consider Flowable: Refactor to Flowable for built-in backpressure support.
  5. Monitor and Tune: Monitor performance and adjust parameters.

Threats Mitigated:

  • Uncontrolled Resource Consumption (DoS): (Severity: High)
  • Application Crashes: (Severity: High)
  • Performance Degradation: (Severity: Medium)

Impact:

  • Uncontrolled Resource Consumption (DoS): Risk significantly reduced.
  • Application Crashes: Risk significantly reduced.
  • Performance Degradation: Risk significantly reduced.

Currently Implemented: [Example: NetworkDataFetcher.kt (onBackpressureBuffer), UserActivityStream.kt (onBackpressureLatest)]

Missing Implementation: [Example: LogFileReader.kt (needs onBackpressureBuffer or Flowable)]

Mitigation Strategy: Timeout and Retry with Limits (Using RxKotlin Operators)

Description:

  1. Identify External Interactions: Find Observables interacting with external services.
  2. Apply timeout: Add the RxKotlin timeout operator, specifying a time limit.
  3. Apply retry (with Limits): Add the RxKotlin retry operator. Limit retries: retry(maxRetries) or retryWhen (with backoff).
  4. Error Handling: Ensure the onError handler manages timeout/retry failures.

Threats Mitigated:

  • Uncontrolled Resource Consumption (DoS): (Severity: High)
  • Application Hangs: (Severity: High)
  • Resource Leaks: (Severity: Medium)
  • Infinite Retry Loops: (Severity: Medium)

Impact:

  • Uncontrolled Resource Consumption (DoS): Risk significantly reduced.
  • Application Hangs: Risk significantly reduced.
  • Resource Leaks: Risk reduced.
  • Infinite Retry Loops: Risk eliminated.

Currently Implemented: [Example: ApiService.kt (timeout: 5s, retries: 3)]

Missing Implementation: [Example: DatabaseQueryExecutor.kt (needs timeout and retry)]

Mitigation Strategy: Rate Limiting (Using RxKotlin Operators)

Description:

  1. Identify High-Frequency Events: Find Observables with high event frequency.
  2. Choose a Rate Limiting Operator: Select the appropriate RxKotlin operator:
    • throttleFirst: First item in a time window.
    • throttleLast: Last item in a time window.
    • debounce: Emits after inactivity.
    • sample: Most recent item in a time window.
  3. Apply the Operator: Insert the operator into the chain (near the source).
  4. Tune the Time Window: Adjust the time window parameter.

Threats Mitigated:

  • Uncontrolled Resource Consumption (DoS): (Severity: High)
  • Performance Degradation: (Severity: Medium)
  • External Service Overload: (Severity: Medium)

Impact:

  • Uncontrolled Resource Consumption (DoS): Risk significantly reduced.
  • Performance Degradation: Risk significantly reduced.
  • External Service Overload: Risk reduced.

Currently Implemented: [Example: SearchSuggestionsProvider.kt (debounce)]

Missing Implementation: [Example: SensorDataStream.kt (needs throttleFirst or sample)]

Mitigation Strategy: Resource Management with using

Description:

  1. Identify Resource Acquisition: Find Observables acquiring resources.
  2. Use the using Operator: Wrap resource acquisition and Observable creation in RxKotlin's using operator:
    • Resource Factory: Creates the resource.
    • Observable Factory: Takes the resource, returns an Observable.
    • Resource Disposer: Releases the resource.
  3. Ensure Proper Disposal: The Resource Disposer must reliably release the resource.

Threats Mitigated:

  • Resource Leaks: (Severity: Medium)
  • Uncontrolled Resource Consumption (DoS): (Severity: Medium)
  • Application Instability: (Severity: Medium)

Impact:

  • Resource Leaks: Risk significantly reduced.
  • Uncontrolled Resource Consumption (DoS): Risk indirectly reduced.
  • Application Instability: Risk reduced.

Currently Implemented: [Example: DatabaseConnectionManager.kt]

Missing Implementation: [Example: FileDownloader.kt]

Mitigation Strategy: Careful Subscription Management

Description:

  1. Identify Subscriptions: Find all Observable subscriptions.
  2. Dispose Subscriptions: Ensure every Disposable is disposed of when no longer needed (e.g., onDestroy).
  3. Use CompositeDisposable: Manage multiple subscriptions with CompositeDisposable; call dispose() on it.
  4. Avoid Long-Lived Subscriptions: Be cautious with long-lived subscriptions in short-lived components.

Threats Mitigated:

  • Memory Leaks: (Severity: Medium)
  • Unexpected Behavior: (Severity: Medium)
  • Resource Leaks: (Severity: Medium)

Impact:

  • Memory Leaks: Risk significantly reduced.
  • Unexpected Behavior: Risk significantly reduced.
  • Resource Leaks: Risk indirectly reduced.

Currently Implemented: [Example: Android Activities/Fragments (CompositeDisposable, onDestroy)]

Missing Implementation: [Example: Some background services]

Mitigation Strategy: Error Handling (Using RxKotlin Operators and onError)

Description:

  1. Identify Observable Chains: Examine all Observable chains.
  2. Implement onError Handlers: Every subscription must have an onError handler:
    • Log the error (without sensitive data).
    • Attempt recovery (if possible).
    • Inform the user appropriately.
  3. Use Error Handling Operators: Consider RxKotlin operators: onErrorResumeNext (fallback Observable), onErrorReturnItem (default value). Choose carefully.
  4. Centralized Error Handling (Optional): Consider a centralized mechanism.

Threats Mitigated:

  • Application Crashes: (Severity: High)
  • Unexpected Behavior: (Severity: Medium)
  • Data Loss/Corruption: (Severity: High)
  • Information Disclosure: (Severity: Medium)

Impact:

  • Application Crashes: Risk significantly reduced.
  • Unexpected Behavior: Risk significantly reduced.
  • Data Loss/Corruption: Risk reduced.
  • Information Disclosure: Risk reduced.

Currently Implemented: [Example: Partially implemented; some onError handlers missing/incomplete]

Missing Implementation: [Example: LegacyDataProcessor.kt]

Mitigation Strategy: Cross-Thread Data Races (Using observeOn and subscribeOn)

Description:

  1. Identify Shared Mutable State: Find mutable data accessed by multiple Observables/threads.
  2. Prefer Immutability: Refactor to use immutable data structures (if possible).
  3. Use observeOn and subscribeOn: Explicitly specify threads with RxKotlin's observeOn (downstream) and subscribeOn (Observable's work).
  4. Synchronization (If Necessary): If mutable state is required, use synchronization (e.g., synchronized, AtomicReference).
  5. Thread Confinement: Consider confining mutable state to a single thread.

Threats Mitigated:

  • Data Races: (Severity: High)
  • Application Crashes: (Severity: High)
  • Unexpected Behavior: (Severity: Medium)

Impact:

  • Data Races: Risk significantly reduced (or eliminated).
  • Application Crashes: Risk reduced.
  • Unexpected Behavior: Risk significantly reduced.

Currently Implemented: [Example: Partially; observeOn/subscribeOn used inconsistently]

Missing Implementation: [Example: SharedDataCache.kt (missing synchronization)]

Mitigation Strategy: Side-Effect Management (Using doOn... operators)

Description:

  1. Identify Side Effects: Identify all side effects within Observable chains.
  2. Use doOn... Operators Carefully: Use RxKotlin operators like doOnNext, doOnError, and doOnComplete for side effects, but minimize their complexity.
  3. Isolate Side Effects: If possible, isolate side effects to the subscriber.
  4. Consider using: Use using for resource management.
  5. Document Side-Effects: Clearly document any side-effects.

Threats Mitigated: * Unexpected Behavior: (Severity: Medium) * Data Races (Indirectly): (Severity: Medium) * Testing Difficulties: (Severity: Low)

Impact: * Unexpected Behavior: Risk reduced. * Data Races (Indirectly): Risk reduced. * Testing Difficulties: Risk reduced.

Currently Implemented: [Example: Partially; doOnNext for logging, but other side effects scattered]

Missing Implementation: [Example: DataUpdater.kt (side effects in map)]