Race Condition within a Thread
Weakness ID: 366 (Weakness Base)Status: Draft
+ Description

Description Summary

If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

C

C++

Java

.NET

+ Common Consequences
ScopeEffect
Integrity

The main problem is that -- if a lock is overcome -- data could be altered in a bad state.

+ Likelihood of Exploit

Medium

+ Demonstrative Examples

Example 1

(Bad Code)
Example Languages: C and C++ 
int foo = 0;
int storenum(int num) {
static int counter = 0;
counter++;
if (num > foo) foo = num;
return foo;
}
(Bad Code)
Example Language: Java 
public classRace {
static int foo = 0;
public static void main() {

new Threader().start();
foo = 1;
}
public static class Threader extends Thread {

public void run() {
System.out.println(foo);
}
}
}
+ Potential Mitigations

Phase: Architecture and Design

Use locking functionality. This is the recommended solution. Implement some form of locking mechanism around code which alters or reads persistent data in a multi-threaded environment.

Phase: Architecture and Design

Create resource-locking sanity checks. If no inherent locking mechanisms exist, use flags and signals to enforce your own blocking scheme when resources are being used by other threads of execution.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class362Race Condition
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfCategoryCategory557Concurrency Issues
Development Concepts699
ChildOfCategoryCategory634Weaknesses that Affect System Processes
Resource-specific Weaknesses (primary)631
ChildOfCategoryCategory748CERT C Secure Coding Section 50 - POSIX (POS)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant572Call to Thread run() instead of start()
Development Concepts (primary)699
Research Concepts (primary)1000
PeerOfWeakness BaseWeakness Base365Race Condition in Switch
Research Concepts1000
+ Affected Resources
  • System Process
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CLASPRace condition within a thread
CERT C Secure CodingPOS00-CAvoid race conditions with multiple threads
+ Related Attack Patterns
CAPEC-IDAttack Pattern Name
(CAPEC Version: 1.4)
26Leveraging Race Conditions
29Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Applicable Platforms, Common Consequences, Relationships, Taxonomy Mappings
2008-11-24CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
Back to top