ABSTRACT

If a thread fails to unlock a mutex after signaling other threads, the other threads will remain locked waiting on the mutex.

EXPLANATION

After a thread signals other threads waiting on a mutex, it must unlock the mutex by calling pthread_mutex_unlock() before another thread can begin running. If the signaling thread fails to unlock the mutex, the pthread_cond_wait() call in the second thread will not return and the thread will not execute.

Example 1: The following code signals another thread waiting on a mutex by calling pthread_cond_signal(), but fails to unlock the mutex the other thread is waiting on.


...
pthread_mutex_lock(&count_mutex);

// Signal waiting thread
pthread_cond_signal(&count_threshold_cv);
...

REFERENCES

[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A9 Application Denial of Service

[2] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP6080 CAT II

[3] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 373

[4] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 - (PCI 1.1) Requirement 6.5.9