SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 90

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 91

changes.mady.by.user Arthur Hicken

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: updated parasoft

...

Interrupting a noninterruptible signal handler can result in a variety of vulnerabilities [Zalewski 2001].

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

SIG00-C

High

Likely

High

P9

L2

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
BADFUNC.SIGNALUse of signal
LDRA tool suite
Include Page
LDRA_V
LDRA_V
44 SEnhanced enforcement
Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
MISRA2012
MISRA2004-
RULE-21
20_
5
8_bUse of signal
PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v
5019Partially implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID SIG00-CPP. Mask signals handled by noninterruptible signal handlers
MITRE CWECWE-662, Insufficient synchronization

Bibliography

[C99 Rationale 2003]Subclause 5.2.3, "Signals and Interrupts"
[Dowd 2006]Chapter 13, "Synchronization and State" ("Signal Interruption and Repetition")
[IEEE Std 1003.1:2013]XSH, System Interface, longjmp
[OpenBSD]signal() Man Page
[Zalewski 2001]"Delivering Signals for Fun and Profit"

...


...