
No direct issues come from using the same handler for multiple signals, but doing so broadens your susceptibility to other vulnerabilities. For instance, take care that a program cannot generate two similar signals linked to the same handler, causing the code that deals with them to be executed twice asynchronously.

Non-Compliant Coding Example

The program is intended to clean up and terminate when it receives either a SIGINT or a SIGTERM. However, if a SIGINT is generated, and then a SIGTERM is generated after the call to free(), but before _Exit() is reached, a double free() will occur.

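#include <signal.h>
#include <stdlib.h>

char *global_ptr;

/* Shared by SIGINT and SIGTERM; a second signal arriving between
   free() and _Exit() re-enters this handler and frees twice. */
void handler(int signum) {
  free(global_ptr);
  _Exit(-1);
}

int main(void) {
  global_ptr = malloc(16);
  if (global_ptr == NULL) {
    /* handle error condition */
  }

  /* Both signals are linked to the same handler */
  signal(SIGINT, handler);
  signal(SIGTERM, handler);

  /* program code */

  return 0;
}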
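
One way to close the window described above, as an added example that is not part of the original page: register the shared handler with POSIX sigaction() and place both SIGINT and SIGTERM in sa_mask, so the second signal stays pending while the handler runs. The names install_shared_handler, probe and max_nesting are assumptions made for this illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* sigaction() */
#endif
#include <signal.h>
#include <stdlib.h>

static char *global_ptr;

/* The page's cleanup handler. free() is not async-signal-safe; the mask
   below addresses only the re-entry between free() and _Exit(). */
static void handler(int signum) {
  (void)signum;
  free(global_ptr);
  _Exit(-1);
}

/* Register fn for SIGINT and SIGTERM, blocking both while fn runs. */
static int install_shared_handler(void (*fn)(int)) {
  struct sigaction sa;
  sa.sa_handler = fn;
  sa.sa_flags = 0;
  if (sigemptyset(&sa.sa_mask) || sigaddset(&sa.sa_mask, SIGINT) ||
      sigaddset(&sa.sa_mask, SIGTERM))
    return -1;
  if (sigaction(SIGINT, &sa, NULL) != 0) return -1;
  return sigaction(SIGTERM, &sa, NULL);
}

/* Hypothetical probe: raises SIGTERM from inside the SIGINT handler and
   records how deeply the shared handler nests. */
static volatile sig_atomic_t depth, max_depth;
static void probe(int signum) {
  if (++depth > max_depth) max_depth = depth;
  if (signum == SIGINT) raise(SIGTERM);  /* stays pending until we return */
  depth--;
}

static int max_nesting(void) {
  depth = max_depth = 0;
  if (install_shared_handler(probe) != 0) return -1;
  raise(SIGINT);
  return (int)max_depth;  /* 1: the second signal waited for the first */
}

int main(void) {
  if (max_nesting() != 1) return 1;
  global_ptr = malloc(16);
  if (global_ptr == NULL) return 1;
  if (install_shared_handler(handler) != 0) return 1;
  /* program code */
  return 0;
}
```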

Risk Assessment

Depending on the code, this could lead to any number of attacks, many of which could give root access. For an overview of some software vulnerabilities, see Zalewski's signal article.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| SIG00-A | 3 (high) | 3 (likely) | 1 (high) | P9 | L2 |

References

[ISO/IEC 03] "Signals and Interrupts"
[Open Group 04] longjmp
[OpenBSD] signal() Man Page
[Zalewski] http://lcamtuf.coredump.cx/signals.txt
