Time and State
Time and state related issues may happen when multiple system, processes or threads are involved and share data. These problems mainly occur because the developer thinks about programs as if they were executing the job manually.
Examples
- Deadlock
- Poor usage of locking mechanisms
- File access race conditions: TOCTOU (time of check - time of use)
- The time window between checking a file property and using the file may be exploited. For example, a program may check whether a file exists and then open it. In the meantime, the file may have been replaced by another
- Re-using session IDs after authentication