...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <threads.h>
struct node_t {
void *node;
struct node_t *next;
};
struct node_t list;
static mtx_t lock;
static cnd_t condition;
void consume_list_element(void) {
if (thrd_success != mtx_lock(&lock)) {
/* Handle error */
}
while (list.next == NULL) {
if (thrd_success != cnd_wait(&condition, &lock)) {
/* Handle error */
}
}
/* Proceed when condition holds */
if (thrd_success != mtx_unlock(&lock)) {
/* Handle error */
}
} |
Risk Assessment
Failure to encase the cnd_wait() or cnd_timedwait() functions inside a while loop can lead to indefinite blocking and denial of service (DoS).
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
CON44CON36-C | Low | Unlikely | Medium | P2 | L3 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| CERT Oracle Secure Coding Standard for Java | THI03-J. Always invoke wait() and await() methods inside a loop |
...