...
The risks of ignoring mutex ownership are similar to the risk of not using mutexes at all, which can result in a violation of data integrity.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
POS48-C |
Medium |
Probable |
High | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description |
---|
CodeSonar |
| CONCURRENCY.DU | Double Unlock | ||||||
Helix QAC |
| DF4971, DF4972, DF4981, DF4982 | |||||||
Parasoft C/C++test |
| CERT_C-POS48-a | Do not destroy another thread's mutex | ||||||
| CERT C: Rule POS48-C | Checks for destruction of locked mutex (rule fully covered) |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
---|---|---|
CWE 2.11 |
CWE-667, Insufficient locking | 2017-07-10: CERT: Rule subset of CWE |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-667 and CON31-C/POS48-C
Intersection( CON31-C, POS48-C) = Ø
CWE-667 = Union, CON31-C, POS48-C, list) where list =
- Locking & Unlocking issues besides unlocking another thread’s C mutex or pthread mutex.
Bibliography
...
...