A signal is an interrupt that is used to notify a process that an event has occurred. That process can then respond to that event accordingly. C99 provides functions for sending and handling signals within a C program.
Signals are handled by a process by registering a signal handler using the signal() function, which is specified as:
void (*signal(int sig, void (*func)(int)))(int);
Improper handling of signals can lead to security vulnerabilities. The following rules and recommendations are meant to eliminate common errors associated with signal handling.
Recommendations
SIG00-A. Avoid using the same handler for multiple signals
SIG01-A. Understand implementation-specific details regarding signal handler persistence
Rules
SIG30-C. Call only asynchronous-safe functions within signal handlers
SIG31-C. Do not access or modify shared objects in signal handlers
SIG32-C. Do not call longjmp() from inside a signal handler
SIG33-C. Do not recursively invoke the raise() function
Risk Assessment Summary
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
SIG00-A |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG01-A |
1 (low) |
1 (unlikely) |
3 (low) |
P3 |
L3 |
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
SIG30-C |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG31-C |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG32-C |
3 (high) |
3 (likely) |
1 (high) |
P9 |
L2 |
SIG33-C |
1 (low) |
1 (unlikely) |
2 (medium) |
P2 |
L3 |