Variant · Draft

CWE-585: Empty Synchronized Block

Category: logic

Description

The product contains an empty synchronized block. An empty synchronized block does not actually accomplish any synchronization and may indicate a troubled section of code. An empty synchronized block can occur because code no longer needed within the synchronized block is commented out without removing the synchronized block.

Common consequences· 1

  • Other — Other
    An empty synchronized block will wait until nobody else is using the synchronizer being specified. While this may be part of the desired behavior, because you haven't protected the subsequent code by placing it inside the synchronized block, nothing is stopping somebody else from modifying whatever it was you were waiting for while you run the subsequent code.

Potential mitigations· 1

  • [Implementation] When you come across an empty synchronized statement, or a synchronized statement in which the code has been commented out, try to determine what the original intentions were and whether or not the synchronized block is still necessary.
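
The difference between an empty block and a block that actually guards the update, as an added Java example (not part of the CWE entry; the class, field and method names are hypothetical):

```java
import java.util.ArrayList;
import java.util.List;

public class EmptySynchronizedDemo {
    private static final int THREADS = 8;
    private static final int ROUNDS = 100_000;

    private final Object lock = new Object();
    private int counter = 0; // shared state the lock is meant to protect

    // CWE-585 form: the block acquires and immediately releases the monitor,
    // so the read-modify-write after it runs with no lock held.
    void incrementEmptySync() {
        synchronized (lock) {
            // counter++;  (body commented out, block left behind)
        }
        counter++;
    }

    // Corrected form: the update happens while the monitor is held.
    void incrementGuarded() {
        synchronized (lock) {
            counter++;
        }
    }

    // Starts THREADS workers, each calling the chosen method ROUNDS times,
    // and returns the final counter value.
    static int run(boolean guarded) throws InterruptedException {
        EmptySynchronizedDemo demo = new EmptySynchronizedDemo();
        List<Thread> workers = new ArrayList<>();
        for (int i = 0; i < THREADS; i++) {
            Thread t = new Thread(() -> {
                for (int r = 0; r < ROUNDS; r++) {
                    if (guarded) demo.incrementGuarded(); else demo.incrementEmptySync();
                }
            });
            workers.add(t);
            t.start();
        }
        for (Thread t : workers) t.join(); // join() makes the final read safe
        return demo.counter;
    }

    public static void main(String[] args) throws InterruptedException {
        System.out.println("expected:           " + THREADS * ROUNDS);
        System.out.println("empty synchronized: " + run(false));
        System.out.println("guarded:            " + run(true));
    }
}
```

The guarded run always reaches the expected total; the empty-block run usually falls short because concurrent increments overwrite each other, and the shortfall varies from run to run.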

References

  1. https://cwe.mitre.org/data/definitions/585.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Empty Code Block
  • CWE: Deadlock
  • CWE: Dead Code
  • CWE: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE: Missing Synchronization
  • CWE: Missing Lock Check

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.