fix(backend): atomic check-and-set for indexing status to prevent TOCTOU race

DevanshuNEU · DevanshuNEU · commit 5c650213822f · 2026-01-26T22:47:22.000-05:00
- Add try_set_indexing_status() to supabase_service using .neq() filter
- Add try_set_indexing() wrapper to repo_manager
- Replace non-atomic status check in /index/async with atomic method
- Returns 409 if repo already indexing, prevents duplicate indexing jobs
- Error handler already sets status to 'error' so repo won't stay stuck
diff --git a/backend/routes/repos.py b/backend/routes/repos.py
@@ -347,13 +347,6 @@ async def index_repository_async(
     try:
         repo = get_repo_or_404(repo_id, user_id)
         
-        # Check if already indexing
-        if repo.get("status") == "indexing":
-            raise HTTPException(
-                status_code=409,
-                detail="Repository is already being indexed"
-            )
-        
         # Re-check size limits
         analysis = repo_validator.analyze_repo(repo["local_path"])
         
@@ -382,8 +375,13 @@ async def index_repository_async(
                 }
             )
         
-        # Mark as indexing immediately
-        repo_manager.update_status(repo_id, "indexing")
+        # Atomic check-and-set: only set 'indexing' if not already indexing
+        # This prevents TOCTOU race where two requests both see status != 'indexing'
+        if not repo_manager.try_set_indexing(repo_id):
+            raise HTTPException(
+                status_code=409,
+                detail="Repository is already being indexed"
+            )
         
         # Schedule background task
         background_tasks.add_task(
diff --git a/backend/services/repo_manager.py b/backend/services/repo_manager.py
@@ -135,6 +135,15 @@ def update_status(self, repo_id: str, status: str):
         """Update repository status"""
         self.db.update_repository_status(repo_id, status)
     
+    def try_set_indexing(self, repo_id: str) -> bool:
+        """
+        Atomically set status to 'indexing' only if not already indexing.
+        
+        Returns True if status was set, False if already indexing.
+        Use this instead of checking status then updating to prevent race conditions.
+        """
+        return self.db.try_set_indexing_status(repo_id)
+    
     def update_file_count(self, repo_id: str, count: int):
         """Update file count"""
         self.db.update_file_count(repo_id, count)
diff --git a/backend/services/supabase_service.py b/backend/services/supabase_service.py
@@ -94,6 +94,21 @@ def update_repository_status(self, repo_id: str, status: str) -> None:
         """Update repository status"""
         self.client.table("repositories").update({"status": status}).eq("id", repo_id).execute()
     
+    def try_set_indexing_status(self, repo_id: str) -> bool:
+        """
+        Atomically set status to 'indexing' only if not already indexing.
+        
+        Returns True if status was set, False if repo was already indexing.
+        This prevents TOCTOU race conditions where two requests could both
+        see status != 'indexing' and both start indexing.
+        """
+        result = self.client.table("repositories").update(
+            {"status": "indexing"}
+        ).eq("id", repo_id).neq("status", "indexing").execute()
+        
+        # If result.data is empty, no rows matched (already indexing)
+        return bool(result.data)
+    
     def update_file_count(self, repo_id: str, count: int) -> None:
         """Update repository file count"""
         self.client.table("repositories").update({"file_count": count}).eq("id", repo_id).execute()
