[metadata]
id = "POS38-C"
type = "rule"
category = "POS"
number = 38
title = "Beware of race conditions when using fork and file descriptors"
description = """
When forking a child process, file descriptors are copied to the child process,
which can result in concurrent operations on the file. Concurrent operations on
the same file can cause data to be read or written in a nondeterministic order,
creating race conditions and unpredictable behavior. In this example, the
programmer wishes to open a file, read a character, fork, and then have both
parent and child process read the second character of the file independently.
However, because both processes share a file descriptor, one process might get
the second character, and one might get the third. Furthermore, there is no
guarantee the reads are atomic—the processes might get unpredictable results.
Regardless of what the programmer is trying to accomplish with this code, this
code is incorrect because it contains a race condition. char c; pid_t pid; int
fd = open(filename, O_RDWR); if (fd == -1) { /* Handle error */ } read(fd, &c,
1); printf("root process:%c\n",c); pid = fork(); if (pid == -1) { /* Handle
error */ } if (pid == 0) { /*child*/ read(fd, &c, 1); printf("child:%c\n",c); }
else { /*parent*/ read(fd, &c, 1); printf("parent:%c\n",c); }
"""
severity = "Medium"
likelihood = "Unlikely"
priority = "P2"
level = "L3"
cert_version = "2016 Edition (Wiki)"
last_modified = "May 05, 2025"
[rules.cert_c.POS38-C]
enabled = true
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/POS38-C.+Beware+of+race+conditions+when+using+fork+and+file+descriptors"