...
Race conditions caused by multiple threads concurrently accessing and modifying the same data can lead to abnormal termination and denial-of-service attacks or data integrity violations.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
CON43-C | Medium | Probable | High | P4 | L3 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| CONCURRENCY.DATARACE | Data race | ||||||
| Coverity |
| MISSING_LOCK (partial) | Implemented | ||||||
| Parasoft C/C++test |
| SECURITY-19 | Implemented | ||||||
| Polyspace Bug Finder | R2016a | Data race | Multiple tasks perform unprotected non-atomic operations on shared variables |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CWE 2.11 | CWE-366, Race condition within a thread | 2017-07-07: CERT: Exact |
Bibliography
| [ISO/IEC 9899:2011] | 5.1.2.4, "Multi-threaded Executions and Data Races" 7.17.2, "Initialization" |
| [C99 Rationale 2003] |
| [Dowd 2006] | Chapter 13, "Synchronization and State" |
| [Plum 2012] |
| [Seacord 2013] | Chapter 8, "File I/O" |
...
...