Versions Compared

Comment: REM Cost Reform

...

SIG31-C-EX1:  The C Standard, 7.14.1.1 paragraph 5 [ISO/IEC 9899:20112024], makes a special exception for errno when a valid call to the signal() function results in a SIG_ERR return, allowing errno to take an indeterminate value. (See ERR32-C. Do not rely on indeterminate values of errno.)

the signal function with the first argument equal to the signal number corresponding to the signal that caused the invocation of the handler. Furthermore, if such a call to the signal function results in a SIG_ERR return, the object designated by errno has an indeterminate representation.

Risk Assessment

Accessing or modifying shared objects in signal handlers can result in accessing data in an inconsistent state. Michal Zalewski's paper "Delivering Signals for Fun and Profit" [Zalewski 2001] provides some examples of vulnerabilities that can result from violating this and other signal-handling rules.

Rule

Severity

Likelihood

Detectable

Remediation CostRepairable

Priority

Level

SIG31-C

High

Likely

Yes

HighNo

P9P18

L2L1

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
signal-handler-shared-accessPartially checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-SIG31
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
CONCURRENCY.DATARACEData race
Compass/ROSE



Can detect violations of this rule for single-file programs

Cppcheck Premium
24.9.0

premium-cert-sig31-c


Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C2029, C2030

C++3854, C++3855


LDRA tool suite
Include Page
LDRA_V
LDRA_V

87 D

Fully implemented

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-SIG31-aProperly define signal handlers
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2765

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule SIG31-CChecks for shared Shared data access within signal handler Access or modification of shared data causes inconsistent state(rule partially covered)
RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

signal-handler-shared-accessPartially checked
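
Review bot: In the Risk Assessment row for SIG31-C, Detectable is given as Yes, but the Automated Detection table in the same region lists Astrée and RuleChecker as "Partially checked", Polyspace Bug Finder as "rule partially covered", and Compass/ROSE as able to detect violations for single-file programs only. Suggest stating next to the table what Detectable means for this rule, so that the Yes can be reconciled with the partial coverage the checkers report.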

...

Taxonomy

Taxonomy item

Relationship

ISO/IEC TS 17961:2013Accessing shared objects in signal handlers [accsig]Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11CWE-662, Improper Synchronization2017-07-10: CERT: Rule subset of CWE
CWE 2.11CWE-828, Signal Handler with Functionality that is not Asynchronous-Safe

2017-10-30:MITRE:Unspecified Relationship

2018-10-19:CERT:Rule subset of CWE

CERT-CWE Mapping Notes

Key here for mapping notes
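
Review bot: The CWE-828 row carries two dated relationship entries, "2017-10-30: MITRE: Unspecified Relationship" and "2018-10-19: CERT: Rule subset of CWE", without saying which one applies now. Suggest marking the later CERT entry as the current relationship, which is also what the mapping note "CWE-828 = SIG31-C + non-async-safe things besides shared objects" implies.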

...

  • Improper synchronization of files between programs (enabling TOCTOU race conditions

CWE-828 and SIG31-C

CWE-828 = SIG31-C + non-async-safe things besides shared objects.
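
Review bot: The bullet "Improper synchronization of files between programs (enabling TOCTOU race conditions" opens a parenthesis that is never closed. Add the closing parenthesis after "race conditions".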

...

[C99 Rationale 2003]5.2.3, "Signals and Interrupts"
[ISO/IEC 9899:20112024]Subclause 7.14.1.1, "The signal Function"
[Zalewski 2001]
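
Review bot: The [ISO/IEC 9899] bibliography entry changes edition (the rendered cell reads "20112024") while its subclause reference stays at 7.14.1.1, "The signal Function", and SIG31-C-EX1 likewise keeps "7.14.1.1 paragraph 5". Confirm that the subclause and paragraph numbers still point at the same text in the edition now cited, and update them in both places if they moved.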

...