
A signal is an interrupt that is used to notify a process that an event has occurred. That process can then respond to that event accordingly. ISO/IEC 9899-1999 C provides functions for sending and handling signals within a C program.

Signals are handled by a process by registering a signal handler using the signal() function, which is specified as:

void (*signal(int sig, void (*func)(int)))(int);

There is also a POSIX implementation that offers more control over how signals are processed.

Improper handling of signals can lead to security vulnerabilities. The following rules and recommendations are designed to reduce the common errors associated with signal handling.

Rules

SIG00-C. Do not call non-reentrant functions within signal handlers

SIG01-C. Do not access or modify shared objects in signal handlers

SIG02-C. Do not call longjmp() from inside a signal handler
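The following program, added here as an illustration and not taken from the CERT pages, registers a handler with the ISO C signal() function shown above and keeps it within SIG00-C, SIG01-C and SIG02-C: the handler only assigns to a volatile sig_atomic_t flag, and all other work (the snprintf() call, the message buffer) happens in normal program context after raise() returns. The names install_handler, deliver_and_check and last_message are this example's own.

```c
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Added example (not from the CERT page): a handler that stays within
 * SIG00-C, SIG01-C and SIG02-C. The only thing it does is assign to a
 * volatile sig_atomic_t flag; every other action is deferred to main. */
static volatile sig_atomic_t got_signal = 0;

/* Hypothetical message buffer, written only in normal program context. */
static char last_msg[64];

static void handler(int signum) {
    (void)signum;
    got_signal = 1;   /* no printf/malloc (SIG00-C), no shared data (SIG01-C),
                         no longjmp out of here (SIG02-C) */
}

/* Register handler for signum via ISO C signal(); 0 on success, -1 on SIG_ERR. */
int install_handler(int signum) {
    return signal(signum, handler) == SIG_ERR ? -1 : 0;
}

/* Deliver signum to ourselves with raise(), then do the real work (here just
 * formatting a message) outside the handler. Returns 1 if the flag was set,
 * 0 if not, -1 if registration or delivery failed. */
int deliver_and_check(int signum) {
    got_signal = 0;
    last_msg[0] = '\0';
    /* Re-register each time: ISO C allows the disposition to reset to SIG_DFL
     * when the handler runs, so a second delivery could otherwise kill us. */
    if (install_handler(signum) != 0 || raise(signum) != 0) {
        return -1;
    }
    if (!got_signal) {
        return 0;
    }
    /* A non-async-signal-safe call is fine here: we are back in main context. */
    snprintf(last_msg, sizeof last_msg, "handled signal %d", signum);
    return 1;
}

const char *last_message(void) { return last_msg; }

int main(void) {
    int rc = deliver_and_check(SIGINT);
    printf("rc=%d msg=\"%s\"\n", rc, last_message());
    return rc == 1 ? 0 : 1;
}
```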

Risk Assessment Summary

Rules

Rule      Severity     Likelihood     Remediation Cost   Priority   Level
SIG00-C   3 (high)     3 (likely)     1 (high)           P9         L2
SIG01-C   3 (high)     3 (likely)     1 (high)           P9         L2
SIG02-C   2 (medium)   1 (unlikely)   3 (low)            P6         L2
