Singleton Class Instance Creation without Proper Locking or Synchronization
Incomplete Variant
Structure: Simple
Description
The product implements a Singleton design pattern but does not use appropriate locking or other synchronization mechanism to ensure that the singleton class is only instantiated once.
This issue can prevent the product from running reliably, e.g. by making the instantiation process non-thread-safe and introducing deadlock (CWE-833) or livelock conditions. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.
Common Consequences 1
Scope: Other
Impact: Reduce Reliability
References 1
Automated Source Code Reliability Measure (ASCRM)
Object Management Group (OMG)
01-2016
ID: REF-961
Related Weaknesses
ChildOf:
Missing Synchronization (CWE-820)
ChildOf:
Improper Synchronization (CWE-662)
ChildOf:
Improper Synchronization (CWE-662)
Taxonomy Mapping
- OMG ASCRM