...

```c
#include <stdlib.h>

/* rand() updates a shared seed with no locking here, so concurrent callers race. */
int get_secret(void) {
    int secret = (rand() % 100) + 100;
    return secret;
}
```

Compliant Solution

The compliant solution uses a mutex to prevent concurrent access to the shared seed value used by the rand() function, making each call atomic.

```c
#include <pthread.h>
#include <stdlib.h>

/* Guards every call to rand(), and with it the shared seed. */
pthread_mutex_t rand_lock = PTHREAD_MUTEX_INITIALIZER;

int get_secret(void) {
    int secret;

    pthread_mutex_lock(&rand_lock);
    secret = (rand() % 100) + 100;   /* only one thread at a time reaches rand() */
    pthread_mutex_unlock(&rand_lock);

    return secret;
}
```
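A check of what the mutex guarantees, as an added example that is not part of the original page: with every rand() call serialized, the values drawn by several threads after srand(seed) must equal, as a multiset, the single-threaded sequence from the same seed. The names `worker` and `serialized_draws_match`, the thread and draw counts, and the lock-failure return value of -1 are assumptions made for this example.

```c
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define THREADS 4      /* constructed test parameters */
#define DRAWS   1000
static pthread_mutex_t rand_lock = PTHREAD_MUTEX_INITIALIZER;

/* The page's compliant function; returning -1 on lock failure is an addition. */
int get_secret(void) {
    if (pthread_mutex_lock(&rand_lock) != 0) return -1;
    int secret = (rand() % 100) + 100;
    pthread_mutex_unlock(&rand_lock);
    return secret;
}

static void *worker(void *arg) {
    unsigned *local = arg;                     /* per-thread histogram, never shared */
    for (int i = 0; i < DRAWS; i++) {
        int s = get_secret();
        if (s < 100 || s > 199) return arg;    /* non-NULL signals failure */
        local[s - 100]++;
    }
    return NULL;
}

/* Hypothetical check: 1 if the threads' draws equal the sequential run as a multiset. */
int serialized_draws_match(unsigned seed) {
    unsigned expect[100] = {0}, got[100] = {0}, local[THREADS][100] = {{0}};
    pthread_t tid[THREADS];
    int n = 0, ok;
    srand(seed);                               /* reference: single-threaded run */
    for (int i = 0; i < THREADS * DRAWS; i++) expect[rand() % 100]++;

    srand(seed);                               /* same seed, drawn from THREADS threads */
    while (n < THREADS && pthread_create(&tid[n], NULL, worker, local[n]) == 0) n++;
    ok = (n == THREADS);
    for (int t = 0; t < n; t++) {              /* join only the threads that started */
        void *rc = NULL;
        if (pthread_join(tid[t], &rc) != 0 || rc != NULL) ok = 0;
        for (int v = 0; v < 100; v++) got[v] += local[t][v];
    }
    return ok && memcmp(got, expect, sizeof got) == 0;
}

int main(void) {
    printf("draws match sequential run: %d\n", serialized_draws_match(1u));
    return 0;
}
```

The mutex removes the data race only; the sequence rand() produces is unchanged, which is exactly what the comparison relies on.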

Risk Assessment

Race conditions caused by multiple threads invoking the same library function can lead to abnormal termination or to data integrity violations.

...