Tag Archives: CVE-2019-13351

CWE-1341 – Multiple Releases of Same Resource or Handle

Read Time:1 Minute, 20 Second

Description

The product attempts to close or release a resource or handle more than once, without any successful open between the close operations.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-675
CWE-672

 

Consequences

Availability, Integrity: DoS: Crash, Exit, or Restart

 

Potential Mitigations

Phase: Implementation

Description: 

Change the code’s logic so that the resource is only closed once. This might require simplifying or refactoring. This fix can be simple to do in small code blocks, but more difficult when multiple closes are buried within complex conditionals.

Phase: Implementation

Description: 

It can be effective to implement a flag that is (1) set when the resource is opened, (2) cleared when it is closed, and (3) checked before closing. This approach can be useful when there are disparate cases in which closes must be performed. However, flag-tracking can increase code complexity and requires diligent compliance by the programmer.

Phase: Implementation

Effectiveness: Defense in Depth

Description: 

When closing a resource, set the resource’s associated variable to NULL or equivalent value for the given language. Some APIs will ignore this null value without causing errors. For other APIs, this can lead to application crashes or exceptions, which may still be preferable to corrupting an unintended resource such as memory or data.

CVE References

  • CVE-2019-13351
    • file descriptor double close can cause the wrong file to be associated with a file descriptor.
  • CVE-2006-5051
    • Chain: Signal handler contains too much functionality (CWE-828), introducing a race condition that leads to a double free (CWE-415).
  • CVE-2004-0772
    • Double free resultant from certain error conditions.