...
A signal handler may call signal() only if it does not need to be asynchronous-safe. (In other words, all relevant signals are masked , so that the handler cannot be interrupted.)
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
void handler(int signum) {
/* Handle signal */
}
/* ... */
struct sigaction act;
act.sa_handler = handler;
act.sa_flags = 0;
if (sigemptyset( &act.sa_mask) != 0) {
/* Handle error */
}
if (sigaction(SIGUSR1, &act, NULL) != 0) {
/* Handle error */
}
|
While Although the handler in this example does not call signal(), it could do so safely because the signal is masked, and the handler cannot be interrupted. If the same handler is installed for more than one signal number, the signals must be masked explicitly in act.sa_mask to ensure that the handler cannot be interrupted because the system masks only the signal being delivered.
...
SIG34-EX1: On a machine with persistent signal handlers, it is safe for a handler to modify the behavior for its own signal. This Behavior modification would include having the signal be ignored, reset to default behavior, or handled by a different handler. A handler assigning itself to its own signal is also safe, as it is a no-op. Since Because multiple invocations of its signal will merely cause it to "interrupt itself," the handler is impervious to a race condition until it manages to reassign its signal.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
| ISO/IEC TS 17961 (Draft) | Calling signal from interruptible signal handlers [sigcall] |
| MITRE CWE |
...
...
| Unsafe function call from a signal handler |
...
...