12. Signals (SIG)

A signal is a mechanism for transferring control, that is typically used to notify a process that an event has occurred. That process can then respond to that event accordingly. C99 provides functions for sending and handling signals within a C program.

Signals are handled by a process by registering a signal handler using the signal() function, which is specified as:

typedef void (*SighandlerType)(int signum);
extern SighandlerType signal(int signum, SighandlerType handler);

(Note that the signal handler function type will have different names on different implementations.)

Improper handling of signals can lead to security vulnerabilities. The following rules and recommendations are meant to eliminate common errors associated with signal handling.

Recommendations

SIG00-A. Mask signals handled by non-interruptible signal handlers

SIG01-A. Understand implementation-specific details regarding signal handler persistence

SIG02-A. Avoid using signals to implement normal functionality

Rules

SIG30-C. Call only asynchronous-safe functions within signal handlers

SIG31-C. Do not access or modify shared objects in signal handlers

SIG32-C. Do not call longjmp() from inside a signal handler

SIG33-C. Do not recursively invoke the raise() function

SIG34-C. Do not call signal() from within interruptible signal handlers

Risk Assessment Summary

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
SIG00-A	3 (high)	3 (likely)	1 (high)	P9	L2
SIG01-A	1 (low)	1 (unlikely)	3 (low)	P3	L3

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
SIG30-C	3 (high)	3 (likely)	1 (high)	P9	L2
SIG31-C	3 (high)	3 (likely)	1 (high)	P9	L2
SIG32-C	3 (high)	3 (likely)	1 (high)	P9	L2
SIG33-C	1 (low)	1 (unlikely)	2 (medium)	P2	L3
SIG34-C	1 (low)	1 (unlikely)	3 (low)	P3	L3

ENV33-C. Do not call the longjmp function to terminate a call to a function registered by atexit() 11. Environment (ENV)

Space shortcuts

Page tree

Recommendations

Rules

Risk Assessment Summary