A signal is a mechanism for transferring control , that is typically used to notify a process that an event has occurred. That process can then respond to that event accordingly. C99 provides functions for sending and handling signals within a C program.
Signals are handled by a process by registering a signal handler using the signal() function, which is specified as:
| Code Block |
|---|
void (*signal(int sig, void (*func)(int)))(int); |
...
Some platforms provide the ability to mask signals while a signal handler is being processed. If a signal is masked while its own handler is processed, the handler is unnon-interruptible , and need not be asynchronous-safe.
Vulnerabilities can arise if a non-asynchronous-safe signal handler is interrupted with any unmasked signal, including its own, especially if it manipulates globally - accessible data.
Non-Compliant Code Example
...
The POSIX sigaction() function assigns handlers to signals in a similar manner to the C99 signal() function, but it also allows signal masks to be set explicitly. Consequently, sigaction() can be used to prevent a signal handler from interrupting itself.
...