CWE-1322: Use of Blocking Code in Single-threaded, Non-blocking Context
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product uses a non-blocking model that relies on a single threaded process for features such as scalability, but it contains code that can block when it is invoked.
常见后果
影响范围: Availability
技术影响: DoS: Resource Consumption (CPU)
说明: An unexpected call to blocking code can trigger an infinite loop, or a large loop that causes the software to pause and wait indefinitely.
潜在缓解措施
阶段: Implementation
描述: Generally speaking, blocking calls should be replaced with non-blocking alternatives that can be used asynchronously. Expensive computations should be passed off to worker threads, although the correct approach depends on the framework being used.
阶段: Implementation
描述: For expensive computations, consider breaking them up into multiple smaller computations. Refer to the documentation of the framework being used for guidance.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |