SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 16

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 17

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Non-Compliant Coding Example

The This non-compliant program registers a single signal handler to clean up and terminate when the process receives either a SIGINT or a SIGTERM. However, if a SIGINT is generated, and then a SIGTERM is generated after the call to free(), but before _Exit() is reached, a double free() occurs. process both SIGUSR1 and SIGUSR2. The variable sig2 should be set to one if one or more SIGUSR1 signals are followed by SIGUSR2. a Note that this example also violates SIG30SIG31-C. Only call async-safe functions within Do not access or modify shared objects in signal handlers.

Code Block
bgColor#FFcccc
#include <signal.h> 
#include <stdlib.h>
char *global_ptr;

void handler() {
  free(global_ptr);
  _Exit(-1);
}

int main(void) {
  global_ptr = malloc(16);
  if (global_ptr == NULL) {
    /* handle error condition */
  }#include <string.h>
 
volatile sig_atomic_t sig1 = 0;
volatile sig_atomic_t sig2 = 0;
 
void handler(int signum) { 
  if (sig1) {
     sig2 = 1;
  }
  sig1 = 1;
} 
 
int main(void) {

  signal(SIGINTSIGUSR1, handler);
  signal(SIGTERMSIGUSR2, handler);

  /* ... */

  return 0;
}

...

Wiki Markup
\[[ISO/IEC 03|AA. C References#ISO/IEC 03]\] Section 5.2.3, "Signals and Interruptsinterrupts"
\[[Open Group 04|AA. C References#Open Group 04]\] [longjmp|http://www.opengroup.org/onlinepubs/000095399/functions/longjmp.html]
\[OpenBSD\] [{{signal()}} Man Page|http://www.openbsd.org/cgi-bin/man.cgi?query=signal]
\[Zalewski\] [http://lcamtuf.coredump.cx/signals.txt]
\[[Dowd 06 | AA. C References#Dowd 06]\] Chapter 13, "Synchronization and State" (Signal Interruption and Repetition)