...
Signal masks, floating-point status flags, and the state of open files are not saved by the setjmp() function. If signal masks need to be saved, the POXIS POSIX sigsetjmp() function should be used.
This recommendation is related to VOID SIG32SIG30-C. Do not call longjmp() from inside a signal handler and Call only asynchronous-safe functions within signal handlers and ENV32-C. All exit handlers must return normally.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
jmp_buf buf;
void f(void) {
volatile int i = 0;
if (setjmp(buf) != 0) {
printf("%i\n", i);
/* ... */
}
i = 2;
g();
}
void g(void) {
/* ... */
longjmp(buf, 1);
}
|
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC22-C | Low | Probable | Medium | P4 | L3 |
Automated Detection
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| BADFUNC.LONGJMP BADFUNC.SETJMP | Use of longjmp Use of setjmp | ||||||
| LDRA tool suite |
| 43 S | Enhanced enforcement | ||||||
| Parasoft C/C++test |
| CERT_C-MSC22-a | The setjmp macro and the longjmp function shall not be used | ||||||
| Polyspace Bug Finder |
| CERT C: Rec. MSC22-C | Checks for use of setjmp |
...
| /longjmp (rec. fully covered) | |||||||||
| SonarQube C/C++ Plugin |
| S982 |
...