SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 6

changes.mady.by.user Hunter Pitelka

Saved on

compared with

New Version 7

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

When using the fork() commandforking a child process, file descriptors are copied between the two new processes and will cause concurrent operations to occur on the same to the child process which can result in concurrent operations on the file. This can cause data to be read or written in a non-deterministic order to or from a file.

...

Noncompliant Code Example

In this non compliant noncompliant code example, the programmer incorrectly accesses the file descriptor after the call to fork(). Independent on what the programmer is trying to accomplish with this code, it is still incorrect because it contains a race condition.

Code Block
bgColor#FFcccc
char c;
int pid;

int fd = open(filename, O_RDWR, 0);
if (fd == -1) {
  /* Handle error */
}
read(fd, &c, 1);
printf("root process:%c\n",c);

pid = fork();

if(pid == 0) {/*child*/
  read(fd, &c, 1);
  printf("child:%c\n",c);
}
else { /*parent*/
  read(fd, &c, 1);
  printf("parent:%c\n",c);
}

If the file accessed has contents "abc", the output of this program could be either

root process:a
parent: b
child: c

...

Code Block
bgColor#ccccff
char c;

int pid;

int fd = open(filename, O_RDWR, 0);
if (fd == -1) {
  /* Handle error */
}
read(fd,&c,1);
printf("root process:%c\n",c);

close(fd);

pid = fork();

if(pid == 0){/*child*/
  fd = open(filename, O_RDONLY, 0);
  read(fd, &c, 1);
  read(fd, &c, 1);
  printf("child:%c\n", c);
  close(fd);
}else{ /*parent*/
  fd = open(filename, O_RDWR, 0);
  read(fd, &c, 1);
  read(fd, &c, 1);
  printf("parent:%c\n", c);
  close(fd);
}

The output of this code is :

...

Because file descriptors access files in a sequential manner, the order in which the parent and child run can affect the order of access to the file, and because file descriptors are shared across multiple processes, this allows multiple processes to read/write from a file concurrently in a semi-random order. 

Risk Assessment

Because race conditions in code are extremely hard to find, this problem might not appear during standard debugging stages of development. However, depending on what file is being read from and how important the order of read operations is, this can be particular dangerous.

...