Accessing the stack or thread-local variables of a thread from another thread can cause invalid memory accesses because the execution of threads can be interwoven within the constraints of the synchronization model. As a result, the referenced stack frame or thread-local variable may not be valid when the other thread tries to access it. Regular shared variables should be protected by thread synchronization mechanisms. However, local variables should not be shared in the same fashion because the referenced stack frame's thread would have to stop executing, or some other way must be found to ensure that the referenced stack frame is still valid. See CON32-C. Prevent data races when accessing adjacent data by bit-fields from multiple threads for information on how to securely share nonautomatic and non-thread-local variables. See DCL30-C. Declare objects with appropriate storage durations for information on how to declare objects with appropriate storage durations when data is not being shared between threads. Note that this is a specific instance of CON34-C. Declare objects shared between threads with appropriate storage durations for POSIX threads.
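The two compliant patterns the rule permits, as an added example that is not the CERT page's own code (struct job, square_worker and the two run_* functions are assumed names): an object handed to a thread either lives on the heap, so its lifetime does not depend on any stack frame, or is an automatic variable whose creating function joins every worker before returning.

```c
#include <pthread.h>
#include <stdlib.h>

/* Added example, not the CERT page's own code. struct job and square_worker are
 * made up. (a) heap storage: lifetime independent of any stack frame.
 * (b) automatic storage: only valid because the creator joins before returning. */

struct job { int input; int result; };

/* Thread body: writes input squared into the job it was handed. */
static void *square_worker(void *arg) {
    struct job *j = arg;
    j->result = j->input * j->input;
    return NULL;
}

/* (a) Heap storage: the object stays valid however the threads interleave;
 * the joiner takes ownership and frees it. */
int run_heap_job(int input) {
    struct job *j = malloc(sizeof *j);
    if (j == NULL) return -1;
    j->input = input;
    pthread_t tid;
    if (pthread_create(&tid, NULL, square_worker, j) != 0) { free(j); return -1; }
    /* If join fails the thread may still touch j, so leak rather than free. */
    if (pthread_join(tid, NULL) != 0) return -1;
    int result = j->result;
    free(j);
    return result;
}

/* (b) Automatic storage is acceptable only because every worker is joined
 * before this function returns, so the frame holding jobs[] outlives them. */
int run_stack_jobs_sum(const int *inputs, size_t n) {
    struct job jobs[4];
    pthread_t tids[4];
    size_t started = 0;
    if (n > 4) return -1;
    for (; started < n; started++) {
        jobs[started].input = inputs[started];
        if (pthread_create(&tids[started], NULL, square_worker, &jobs[started]) != 0) break;
    }
    int sum = 0;
    for (size_t i = 0; i < started; i++) { /* join every started thread before the frame dies */
        pthread_join(tids[i], NULL);
        sum += jobs[i].result;
    }
    return started == n ? sum : -1;
}
```

The noncompliant variant the rule describes is run_stack_jobs_sum without the join loop: returning while a worker still holds &jobs[i] leaves the thread writing into a dead frame.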
...
Threads that reference the stack of other threads can potentially overwrite important information on the stack, such as function pointers and return addresses. However, it would be difficult for an attacker to exploit this code from this error alone. The compiler will not generate warnings if the programmer decides to give another thread access to one thread's local variables, so a programmer may not catch a potential error at compile time. The remediation cost for this error is high because analysis tools have difficulty diagnosing problems with concurrency and race conditions.
| Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| POS50-C | Medium | Probable | No | No | P4 | L3 |
Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Helix QAC | | DF4926, DF4927, DF4928 | |
| Parasoft C/C++test | | CERT_C-POS50-a | Declare objects shared between POSIX threads with appropriate storage durations |
| Polyspace Bug Finder | | CERT C: Rule POS50-C | Checks for automatic or thread local variable escaping from a POSIX thread (rule fully covered) |
...
...