Description
The product uses a non-blocking model that relies on a single threaded process
for features such as scalability, but it contains code that can block when it is invoked.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Availability: DoS: Resource Consumption (CPU)
An unexpected call to blocking code can trigger an infinite loop, or a large loop that causes the software to pause and wait indefinitely.
Potential Mitigations
Phase: Implementation
Description:
Generally speaking, blocking calls should be
replaced with non-blocking alternatives that can be used asynchronously.
Expensive computations should be passed off to worker threads, although
the correct approach depends on the framework being used.
Phase: Implementation
Description:
For expensive computations, consider breaking them up into
multiple smaller computations. Refer to the documentation of the
framework being used for guidance.