...
Failure to enclose calls to the cnd_wait() or cnd_timedwait() functions inside a while loop can lead to indefinite blocking and denial of service (DoS).
Rule | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
CON36-C | Low | Unlikely | Yes |
No | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| LANG.STRUCT.ICOL | Inappropriate Call Outside Loop | ||||||
| Cppcheck Premium |
| premium-cert-con36-c | |||||||
| Helix QAC |
| C2027 | |||||||
| Klocwork |
| CERT.CONC.WAKE_IN_LOOP_C | |||||||
| Parasoft C/C++test |
| CERT_C-CON36-a | Wrap functions that can spuriously wake up in a loop | ||||||
| Polyspace Bug Finder |
| CERT C: Rule CON36-C | Checks for situations where functions that can spuriously wake up are not wrapped in loop (rule fully covered) |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT Oracle Secure Coding Standard for Java | THI03-J. Always invoke wait() and await() methods inside a loop | Prior to 2018-01-12: CERT: Unspecified Relationship |
Bibliography
...
atomic_compare_exchange Generic Functions"[Lea 2000] | 1.3.2, "Liveness" |
...
...