Missing Mutex Unlock Before Return
Description
Missing mutex unlock before returning from a function. This could result in panics resulting from double lock operations
Examples
Insecure Code
go
func example() { mu.Lock(); return }Secure Code
go
func example() { mu.Lock(); defer mu.Unlock(); return }Remediation
Add a call to Unlock() on the mutex variable before returning from the function, or use a defer statement to ensure Unlock() is called when the function returns
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0480 |
| Category | Concurrency |
| Severity | HIGH |
| CWE | CWE-667 |
| Confidence | MEDIUM |
| Impact | MEDIUM |
| Likelihood | HIGH |
| Exploitability | EASY |
| Tags | mutex, lock, unlock |
| OWASP | N/A |
References
- https://pkg.go.dev/sync#Mutex
- https://blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/