A signal is an interrupt that is used to notify a process that an event has occurred. That process can then respond to that event accordingly. C99 provides functions for sending and handling signals within a C program.
Signals are handled by a process by registering a signal handler using the signal() function, which is specified as:
void (*signal(int sig, void (*func)(int)))(int);
Improper handling of signals can lead to security vulnerabilities. The following rules and recommendations are meant to eliminate common errors associated with signal handling.
Recommendations
SIG00-A. Avoid using the same handler for multiple signals
SIG01-A. Understand implementation-specific details regarding signal handler persistence
Rules
SIG30-C. Only call async-safe functions within signal handlers
SIG31-C. Do not access or modify shared objects in signal handlers
SIG32-C. Do not call longjmp() from inside a signal handler
Risk Assessment Summary
Recommendations
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
SIG00-A |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG01-A |
1 (high) |
1 (likely) |
3 (low) |
P3 |
L3 |
Rules
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
SIG30-C |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG31-C |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG32-C |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG33-C |
1 (low) |
1 (uinlikely) |
3 (low) |
P3 |
L3 |