Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

Pthread Mutual Exclusion mutual exclusion (Mutexmutex) locks are used to avoid simultaneous usage of common resources. There are several Several types of mutex locks are defined by pthreads which include : NORMAL, ERRORCHECK, RECURSIVE, and DEFAULT.

Wiki MarkupPOSIX defines POSIX describes PTHREAD_MUTEX_NORMAL locks to have the following undefined behavior \[[Open Group 4|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-OpenGroup04] \] locks as having the following undefined behavior [Open Group 2004]:

This type of mutex does not provide deadlock detection. A thread attempting to relock this mutex without first unlocking it shall deadlock. An error is not returned to the caller. Attempting to unlock a mutex locked by a different thread results in undefined behavior. Attempting to unlock an unlocked mutex results in undefined behavior.

...

The DEFAULT mutex type of pthreads is also generally mapped to mutex pthread is also generally mapped to PTHREAD_MUTEX_NORMAL, but is known to vary from platform to platform \[[SOL 10|http://docs.sun.com/app/docs/doc/816-5137/sync-28983?a=view] \]. Usage of NORMAL locks should thus be avoided and ERRORCHECK or RECURSIVE locks should be explicitly defined when using mutex locks[SOL 2010]. Consequently, NORMAL locks should not be used, and ERRORCHECK or RECURSIVE locks should be defined explicitly when mutex locks are used.

Noncompliant Code Example

The non compliant This noncompliant code example shows a simple mutex being created using PTHREAD_MUTEX_NORMAL. It should be noted that no return code is expected by the caller when NORMAL mutexes Note that the caller does not expect a return code when NORMAL mutex locks are used.

Code Block
bgColor#FFcccc
langc

 pthread_mutexattr_t attr;
 pthread_mutex_t mutex;
 size_t const shared_var = 0;

 int main(void) {
  int result;

  if ((result int rc =0;

     rc= pthread_mutexattr_init(&attr)) != 0) {
    /* Handle Error */
  }
  if ((result = pthread_mutexattr_settype(&mutexattr, PTHREAD_MUTEX_NORMAL);
     if(rc) != 0) {
       /* Handle Error */
     }

  if ((result  rc = pthread_mutex_init(&mutex, &attr);
     if(rc ) != 0) {
       /* Handle Error */
     }


  if ((result = pthread_mutex_lock(&mutex);
)) != 0) {
    /* Handle Error */
   }

  /* Critical Region*/

  if ((result = pthread_mutex_unlock(&mutex);
)) != 0) {
    /* Handle Error */
  }

   return 0;
 }

Compliant Solution

The This compliant solution shows a pthread an ERRORCHECK mutex lock being created with type PTHREAD_MUTEX_ERRORCHECK where so that return codes will be available during locking and unlocking.:

Code Block
bgColor#ccccff
langc

 pthread_mutexattr_t attr;
 pthread_mutex_t mutex;
 size_t const shared_var = 0;

 int main(void) {
  int result;

  int rc =0;

     rc if ((result = pthread_mutexattr_init(&attr)) != 0) {
    /* Handle Error */
  }
  if ((result = pthread_mutexattr_settype(&mutexattr, PTHREAD_MUTEX_ERRORCHECK));
     if(rc != 0) {
       /* Handle Error */
     }


     rcif ((result = pthread_mutex_init(&mutex, &attr);
     if(rc) != 0) {
       /* Handle Error */
     }


  if ((result  rc = pthread_mutex_lock(&mutex);
     if(rc ) != 0) {
       /* Handle Error */
     }

     /* Critical Region*/

     rcif ((result = pthread_mutex_unlock(&mutex);
     if(rc) != 0) {
       /* Handle Error */
     }


     return 0;
 }

Risk Assessment

Using NORMAL pthread mutex locks can lead to deadlocks or abnormal program termination.

Recommendation

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

POS04-C

Low

low

Unlikely

unlikely

Yes

medium

Yes

P1

P3

L3

References

Automated Detection

Tool

Version

Checker

Description

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

586

Fully supported

Bibliography


...

Image AddedImage AddedImage Added Wiki Markup\[[Open Group 4|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-OpenGroup04] \] \[[SOL 10|http://docs.sun.com/app/docs/doc/816-5137/sync-28983?a=view] \]