Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Content by Label
showLabelsfalse
maxResults99
label+sig,+rule,-void
showSpacefalse
sorttitle
spacecom.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
cqllabel = "sig" and label = "rule" and label != "void" and space = currentSpace()

Info

Information for Editors
In order to have a new guideline automatically listed above be sure to label it sig and rule.

Risk Assessment Summary

Rule

Severity

Likelihood

Detectable

Repairable

Priority

Level

SIG30-CHighLikelyYesNo

P18

L1

SIG31-CHighLikelyYesNo

P18

L1

SIG34-CLowUnlikelyYesNo

P2

L3

SIG35-CLowUnlikelyNoNo

P1

L3

Related Rules and Recommendations

Navigation Map
signal
signal
cellWidth700
wrapAfter1
cellHeight15

...

Image Added Image Added Image Added

A signal is a mechanism for transferring control, that is typically used to notify a process that an event has occurred. That process can then respond to that event accordingly. C99 provides functions for sending and handling signals within a C program.

Signals are handled by a process by registering a signal handler using the signal() function, which is specified as:

Code Block

typedef void (*SighandlerType)(int signum);
extern SighandlerType signal(int signum, SighandlerType handler);

(Note that the signal handler function type will have different names on different implementations.)

Improper handling of signals can lead to security vulnerabilities. The following rules and recommendations are meant to eliminate common errors associated with signal handling.

Recommendations

SIG00-A. Mask signals handled by non-interruptible signal handlers

SIG01-A. Understand implementation-specific details regarding signal handler persistence

SIG02-A. Avoid using signals to implement normal functionality

Rules

SIG30-C. Call only asynchronous-safe functions within signal handlers

SIG31-C. Do not access or modify shared objects in signal handlers

SIG32-C. Do not call longjmp() from inside a signal handler

SIG33-C. Do not recursively invoke the raise() function

SIG34-C. A signal handler should not re-assert itself

Risk Assessment Summary

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

SIG00-A

3 (high)

3 (likely)

1 (high)

P9

L2

SIG01-A

1 (low)

1 (unlikely)

3 (low)

P3

L3

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

SIG30-C

3 (high)

3 (likely)

1 (high)

P9

L2

SIG31-C

3 (high)

3 (likely)

1 (high)

P9

L2

SIG32-C

3 (high)

3 (likely)

1 (high)

P9

L2

SIG33-C

1 (low)

1 (unlikely)

2 (medium)

P2

L3

SIG34-C

1 (low)

1 (unlikely)

3 (low)

P3

L3

ENV33-C. Do not call the longjmp function to terminate a call to a function registered by atexit()      11. Environment (ENV)