CWE
Home > CWE List > CWE-361 Individual Dictionary Definition (Draft 9)   View the CWE List

CWE-361 Individual Dictionary Definition (Draft 9)

Time and State
Category ID
Status: Incomplete

361 (Category)

Description

Summary

Distributed computation is about time and state. That is, in order for more than one component to communicate, state must be shared, and all that takes time. Most programmers anthropomorphize their work. They think about one thread of control carrying out the entire program in the same way they would if they had to do the job themselves. Modern computers, however, switch between tasks very quickly, and in multi-core, multi-CPU, or distributed systems, two events may take place at exactly the same time. Defects rush to fill the gap between the programmer's model of how a program executes and what happens in reality. These defects are related to unexpected interactions between threads, processes, time, and information. These interactions happen through shared state: semaphores, variables, the file system, and, basically, anything that can store information.

Relationships
NatureTypeIDName
ChildOfCategoryCategory18Source Code
ParentOfCategoryCategory371State Issues
ParentOfCategoryCategory376Temporary File Issues
ParentOfCategoryCategory380Technology-Specific Time and State Issues
ParentOfCategoryCategory557Concurrency Issues
ParentOfWeakness ClassWeakness ClassWeakness Class362Race Condition
ParentOfWeakness BaseWeakness BaseWeakness Base385Covert Timing Channel
ParentOfWeakness BaseWeakness BaseWeakness Base386Symbolic Name not Mapping to Correct Object
ParentOfWeakness ClassWeakness ClassWeakness Class387Signal Errors
ParentOfWeakness BaseWeakness BaseWeakness Base412Unrestricted Lock on Critical Resource
ParentOfWeakness BaseWeakness BaseWeakness Base662Insufficient Synchronization
ParentOfWeakness BaseWeakness BaseWeakness Base664Insufficient Control of a Resource Through its Lifetime
ParentOfWeakness ClassWeakness ClassWeakness Class668Exposure of Resource to Wrong Sphere
ParentOfWeakness ClassWeakness ClassWeakness Class669Incorrect Resource Transfer Between Spheres
ParentOfWeakness ClassWeakness ClassWeakness Class673External Influence of Sphere Definition
ParentOfCompound Element: CompositeCompound Element: Composite384Session Fixation
Source Taxonomies

7 Pernicious Kingdoms - Time and State

Related Attack Patterns
CAPEC-IDAttack Pattern Name
61Session Fixation
Page Last Updated: April 22, 2008