Page History

...

Race conditions caused by multiple threads invoking the same library function can lead to abnormal termination of the application, data integrity violations, or a denial-of-service attack.

Rule	Severity	Likelihood	Detectable	RepairableRemediation Cost	Priority	Level
CON33-C	Medium	Probable	No	NoHigh	P4	L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

Supported, but no explicit checker

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

BADFUNC.RANDOM.RAND
BADFUNC.TEMP.TMPNAM
BADFUNC.TTYNAME

Use of rand (includes check for uses of srand())
Use of tmpnam (includes check for uses of tmpnam_r())
Use of ttyname

Compass/ROSE

A module written in Compass/ROSE can detect violations of this rule

Cppcheck Premium

Include Page

	Cppcheck Premium_V
	Cppcheck Premium_V

premium-cert-con33-c

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C5037

C++5021

DF4976, DF4977

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

CERT.CONC.LIB_FUNC_USE

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

44 S

Partially Implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_C-CON33-a

Avoid using thread-unsafe functions

PC-lint Plus

Include Page

	PC-lint Plus_V
	PC-lint Plus_V

586

Fully supported

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rule CON33-C

Checks for data race through standard library function call (rule fully covered)

Related Guidelines

Key here (explains table format and definitions)

...

Space shortcuts

Page tree

Versions Compared

Old Version 117

New Version 118

Key

Related Vulnerabilities

Related Guidelines