CWE-412: Unrestricted Externally Accessible Lock

Description

The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.

Submission Date :

July 19, 2006, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

MITRE
Extended Description

This prevents the product from acting on associated resources or performing other behaviors that are controlled by the presence of the lock. Relevant locks might include an exclusive lock or mutex, or modifying a shared resource that is treated as a lock. If the lock can be held for an indefinite period of time, then the denial of service could be permanent.

Example Vulnerable Codes

Example - 1

This code tries to obtain a lock for a file, then writes to it.


// //attempt to get logfile lock// 

// // unlock logfile// 
fwrite($logfile,$message);flock($logfile, LOCK_UN);
print "Could not obtain lock on logFile.log, message not recorded\n";$logfile = fopen("logFile.log", "a");if (flock($logfile, LOCK_EX)) {}else {}
function writeToLog($message){}fclose($logFile);

PHP by default will wait indefinitely until a file lock is released. If an attacker is able to obtain the file lock, this code will pause execution, possibly leading to denial of service for other users. Note that in this case, if an attacker can perform an flock() on the file, they may already have privileges to destroy the log file. However, this still impacts the execution of other programs that depend on flock().

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Dec. 22, 2024 5:47