Time and State
|ID: 361||Date: (C)2012-05-14 (M)2018-12-17|
|Type: category||Status: INCOMPLETE|
Weaknesses in this category are related to the improper
management of time and state in an environment that supports simultaneous or
near-simultaneous computation by multiple systems, processes, or
Extended DescriptionDistributed computation is about time and state. That is, in order for
more than one component to communicate, state must be shared, and all that
takes time. Most programmers anthropomorphize their work. They think about
one thread of control carrying out the entire program in the same way they
would if they had to do the job themselves. Modern computers, however,
switch between tasks very quickly, and in multi-core, multi-CPU, or
distributed systems, two events may take place at exactly the same time.
Defects rush to fill the gap between the programmer's model of how a program
executes and what happens in reality. These defects are related to
unexpected interactions between threads, processes, time, and information.
These interactions happen through shared state: semaphores, variables, the
file system, and, basically, anything that can store information.
Related Attack Patterns
|CWE-361 ChildOf CWE-18 ||Category ||CWE-699 || |
White Box Definitions None
Black Box Definitions None
|7 Pernicious Kingdoms || ||Time and State || |