Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Deadlock prevents multiple threads from progressing, halting program execution. A denial-of-service attack is possible if the attacker can create the conditions for deadlock.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

CON35-C

Low

Probable

Medium

P4

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

ToolVersionCheckerDescription
Astrée
Include Page
Astrée_V
Astrée_V
deadlockSupported by sound analysis (deadlock alarm)
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
CONCURRENCY.LOCK.ORDERConflicting lock order
Coverity
6.5DEADLOCKFully implemented
Include Page
Coverity_V
Coverity_V
ORDER_REVERSALFully implemented
Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-con35-cPartially implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C1772, C1773
Klocwork
Include Page
Klocwork_V
Klocwork_V

CONC.DL
CONC.NO_UNLOCK


Parasoft C/C++test
9.5BD-TRS-DLOCKFully implemented

Related Guidelines

Include Page
Parasoft_V
Parasoft_V
CERT_C-CON35-a

Do not acquire locks in different order

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2462

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule CON35-C

Checks for deadlock (rule partially covered)

Related Guidelines

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

CERT Oracle Secure Coding Standard for JavaLCK07-J. Avoid deadlock by requesting and releasing locks in the same order
MITRE CWECWE-764, Multiple Locks of a Critical Resource
Prior to 2018-01-12: CERT: Unspecified Relationship

  

...

Image Modified Image Modified Image Modified