The present disclosure relates to testing computer software applications in general, and more particularly to detecting race condition vulnerabilities in computer software applications.
Race conditions are often the cause of subtle functional bugs in multi-threaded software systems. Beyond functional problems, race conditions can also potentially lead to security vulnerabilities. For example, in one well-known race condition example an attacker may read and alter protected files in the Unix™ file system. In another well-known example, race conditions arise due to interaction between a web-based application and an underlying relational database, thereby exposing the database to unauthorized access.
Discovering race conditions is challenging in that, by definition, they manifest only in specific thread interleavings. Static analysis suffers from inherent limitations in modeling thread interleavings in a sound and accurate manner, and thus typically yields highly inaccurate results in detecting race conditions in industry-scale applications where scalability is key. Dynamic testing, on the other hand, is challenged by the fact that most thread interleavings do not highlight a latent race condition, and thus running the subject application a small number of times is unlikely to yield satisfactory coverage. Checking all possible interleavings is also impractical for large applications, and thus effective testing for data races remains a challenge.