SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 83

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 84

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
languagec
#include <stdio.h>
#include <stdlib.h>
#include <stdatomic.h>
 
void doStuff(atomic_int* ps) {
  printf("NON-VOLATILE");
  switch (atomic_load(ps)) {
    case 0: {printf("0"); break;}
    case 1: {printf("1"); break;}
    case 2: {printf("2"); break;}
    case 3: {printf("3"); break;}
    case 4: {printf("4"); break;}
    default: {printf("default"); break;}
  }
}

Compliant Solution (Fences)

The bug was actually resolved by erecting fences around the switch statement.

Code Block
bgColor#ccccff
languagec
#include <stdio.h>
#include <stdlib.h>
#include <stdatomic.h>
 
void doStuff(int* ps) {
  printf("NON-VOLATILE");
  atomic_thread_fence(memory_order_acquire);
  switch (*ps) {
    case 0: {printf("0"); break;}
    case 1: {printf("1"); break;}
    case 2: {printf("2"); break;}
    case 3: {printf("3"); break;}
    case 4: {printf("4"); break;}
    default: {printf("default"); break;}
  }
  atomic_thread_fence(memory_order_release);
}

Risk Assessment

Race conditions caused by multiple threads concurrently accessing and modifying the same data can lead to abnormal termination and denial-of-service attacks or data integrity violations.

...