SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 6

changes.mady.by.user Yash Shroff

Saved on

compared with

New Version 7

changes.mady.by.user Yash Shroff

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
The DEFAULT mutex type of pthreads is also generally mapped to PTHREAD_MUTEX_NORMAL, but is known to vary from platform to platform \[[SOL 10|http://docs.sun.com/app/docs/doc/816-5137/sync-28983?a=view] \]. Usage of NORMAL locks should thus be avoided and ERRORCHECK or RECURSIVE locks should be explicitly defined when using mutex locks.

Noncompliant Code Example

The non compliant code example shows a simple mutex being created using PTHREAD_MUTEX_NORMAL. It should be noted that no return code is expected by the caller when NORMAL mutexes are used.

Code Block
bgColor#FFcccc
 pthread_mutexattr_t attr;
 pthread_mutex_t mutex;
 size_t const shared_var = 0;

 int main(){
     int rc =0;

     rc = pthread_mutexattr_settype(&mutex, PTHREAD_MUTEX_NORMAL);
     if(rc != 0){
       /* Handle Error */
     }

     rc = pthread_mutex_init(&mutex, &attr);
     if(rc != 0){
       /* Handle Error */
     }


     pthread_mutex_lock(&mutex);

     /* Critical Region*/

     pthread_mutex_unlock(&mutex);

     return 0;
 }

Compliant Solution

The compliant solution shows a pthread mutex lock being created with type PTHREAD_MUTEX_ERRORCHECK where return codes will be available during locking and unlocking.

Code Block
bgColor#ccccff
 pthread_mutexattr_t attr;
 pthread_mutex_t mutex;
 size_t const shared_var = 0;

 int main(){
     int rc =0;

     rc = pthread_mutexattr_settype(&mutex, PTHREAD_MUTEX_ERRORCHECK);
     if(rc != 0){
       /* Handle Error */
     }


     rc = pthread_mutex_init(&mutex, &attr);
     if(rc != 0){
       /* Handle Error */
     }


     rc = pthread_mutex_lock(&mutex);
     if(rc != 0){
       /* Handle Error */
     }

     /* Critical Region*/

     rc = pthread_mutex_unlock(&mutex);
     if(rc != 0){
       /* Handle Error */
     }


     return 0;
 }

Risk Assessment

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

POSXX POS04-C

high low

likely

medium

P12 P6

L1 L2

References

Wiki Markup
\[[Open Group 4|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-OpenGroup04] \]
\[[SOL 10|http://docs.sun.com/app/docs/doc/816-5137/sync-28983?a=view] \]