Race Condition CWE-362
Race condition in web applications. Credit: Deepak Singh

Definition

A race condition occurs in a multithreaded application when two or more threads can access shared data and try to change it at the same time. One classic example of a race condition is the read-modify-write scenario, which happens when two processes read a value in a program and write back a new value. Such processes are expected to happen sequentially, such that the first process produces its value and then the second process reads that value.

Example

[Image: PHP source code snippet, not reproduced here]

In the PHP source code snippet above, a check is done for each withdrawal request to ensure that there are enough funds in the account before processing the request (Ln 7). The new account balance is set after the transaction is complete by deducting the withdrawn amount from the original balance (Ln 8 & 10). However, if two withdrawal requests are received at the same time, the system may read the same account balance for both processes and give an incorrect account balance value, resulting in the account being overdrawn.

[Flow chart: process B does the balance check before process A executes the set balance command, allowing an overdraft by process B.]

As illustrated in the flow chart above, thread B invokes the balance check request before thread A executes the set balance command, allowing an overdraft by thread B.

Detection and Prevention

Software should be designed securely from the start to avoid race conditions, as they are usually difficult to detect and identify. Shared state should be avoided and thread synchronization procedures should be put in place. Modern static analysis and dynamic analysis tools such as Veracode, SonarQube and Go Race Detector can assist in identifying race condition flaws in some instances.
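The interleaving in the flow chart and the synchronization fix recommended above, as an added example that is not from the original article: it uses Python threads in place of the PHP snippet, which is not reproduced on this page. The `Account` class, the `gate` hook that forces both threads through the check before either sets the balance, and the amounts (balance 100, two withdrawals of 80) are assumptions constructed for the demonstration.

```python
import threading

class Account:
    """In-memory stand-in for the account record (constructed for this example)."""
    def __init__(self, balance):
        self.balance = balance
        self._lock = threading.Lock()

    def _check_then_set(self, amount, gate):
        current = self.balance           # read the balance
        if current < amount:             # funds check
            return False
        gate()                           # test hook: the window between check and set
        self.balance = current - amount  # set balance from the (possibly stale) read
        return True

    def withdraw_unsafe(self, amount, gate=lambda: None):
        return self._check_then_set(amount, gate)

    def withdraw_safe(self, amount, gate=lambda: None):
        # Hold the lock across read, check and set so they form one critical section.
        with self._lock:
            return self._check_then_set(amount, gate)

def race(method_name, start=100, amount=80):
    """Run two simultaneous withdrawals; return (sorted results, final balance)."""
    account = Account(start)
    barrier = threading.Barrier(2)

    def gate():
        # Hold each thread after its check until the other has passed its check too.
        # Under the lock the second thread never arrives, so the wait times out.
        try:
            barrier.wait(timeout=0.5)
        except threading.BrokenBarrierError:
            pass

    results = []
    def worker():
        results.append(getattr(account, method_name)(amount, gate))
    threads = [threading.Thread(target=worker) for _ in range(2)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sorted(results), account.balance

if __name__ == "__main__":
    print(race("withdraw_unsafe"), race("withdraw_safe"))
```

The unsafe run approves both withdrawals of 80 against a balance of 100 and leaves a recorded balance of 20; the locked run approves one and refuses the other.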

James Githuku

Research, Project development, Monitoring Evaluation & Learning Advisor, skilled in Integrated Ecosystem Management, Food security, Agricultural Livelihoods and MSMES

2 years

Makes perfect sense, but how serious of an issue is it in normal operations? In a layman's reasoning, isn't it easier to 'tell' the system never to initiate another process before the 'first' is 'marked' as completed?

Frank Omondi

Cybersecurity @cisco | AWS Community Builder | OSEP,OSCP,OSWA

2 years

Interesting.
