CERT.POS.THREAD.ASYNC_CANCEL

Do not use threads that can be canceled asynchronously.

Vulnerability and risk

A pthread can be set either to act on a cancellation request immediately (asynchronous cancellation) or to defer it until the thread reaches a cancellation point. Canceling asynchronously is dangerous, however, because most threads are not safe to cancel immediately. For example, a thread that is canceled asynchronously can leave locks or mutexes unreleased.

Mitigation and prevention

Don't pass PTHREAD_CANCEL_ASYNCHRONOUS to pthread_setcanceltype(). Use pthread_testcancel() in a thread to test for cancellation when it is safe to stop the thread.

Example

if ((result = pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &i)) != 0) {
    /* handle error */
}

A violation will be reported on line 1.
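
A compliant counterpart to the violation above, as an added example that is not part of the original checker documentation: the worker keeps the deferred cancelability type and calls pthread_testcancel() only after it has released its mutex, so a pending cancel cannot leave the lock held. The names worker, run_demo, lock and counter are assumptions made for this illustration.

```c
#include <pthread.h>
#include <stdio.h>

/* Illustrative names (not from the original page): lock, counter, worker, run_demo. */
static pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
static long counter = 0;                /* shared state, guarded by lock */

static void *worker(void *arg)
{
    int old;
    (void)arg;
    /* Deferred is the POSIX default; setting it explicitly documents intent. */
    if (pthread_setcanceltype(PTHREAD_CANCEL_DEFERRED, &old) != 0)
        return NULL;                    /* handle error: exit without working */

    for (;;) {
        pthread_mutex_lock(&lock);      /* not a cancellation point */
        counter++;                      /* critical section */
        pthread_mutex_unlock(&lock);
        pthread_testcancel();           /* safe point: no lock is held here */
    }
    return NULL;
}

/* Returns 0 when the worker was canceled and left the mutex unlocked. */
int run_demo(void)
{
    pthread_t tid;
    void *res;

    if (pthread_create(&tid, NULL, worker, NULL) != 0)
        return -1;
    /* The request stays pending until the worker reaches pthread_testcancel(). */
    if (pthread_cancel(tid) != 0 || pthread_join(tid, &res) != 0)
        return -1;
    if (res != PTHREAD_CANCELED)
        return -2;                      /* worker exited some other way */
    if (counter < 1)
        return -3;                      /* critical section was cut short */
    if (pthread_mutex_trylock(&lock) != 0)
        return -4;                      /* mutex was left locked */
    pthread_mutex_unlock(&lock);
    return 0;
}

int main(void)
{
    printf("run_demo() = %d\n", run_demo());
    return 0;
}
```

Build with the compiler's pthread option (for example, cc -pthread).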