A signal is a mechanism for transferring control that is typically used to notify a process that an event has occurred. That process can then respond to that the event accordingly. The C Standard provides functions for sending and handling signals within a C program.
...
| Code Block |
|---|
void (*signal(int sig, void (*func)(int)))(int); |
This signal handler is conceptually equivalent to
...
Some platforms provide the ability to mask signals while a signal handler is being processed. If a signal is masked while its own handler is processed, the handler is noninterruptible and need not be async-signal-safe. However, even when a signal is masked while its own handler is processed, the handler must still avoid invoking async-signal-safe unsafe functions because their execution may be (or have been) interrupted by another signal.
Vulnerabilities can arise if a signal handler that is not async-signal-safe is interrupted with any unmasked signal, including its own.
...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
SIG00-C | highHigh | likelyLikely | highHigh | P9 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| PRQA QA-C |
| warncall for signal | Partially implemented |
...
| CERT C++ Secure Coding Standard | SIG00-CPP. Mask signals handled by noninterruptible signal handlers |
| MITRE CWE | CWE-662, Insufficient synchronization |
Bibliography
| [C99 Rationale 2003] | Subclause 5.2.3, "Signals and Interrupts" | ||
| [Dowd 2006] | Chapter 13, "Synchronization and State" ("Signal Interruption and Repetition") | [ISO/IEC 2003] | Section 5.2.3, "Signals and Interrupts"|
| [Open Group 2004] | longjmp | ||
| [OpenBSD] | signal() Man Page | ||
| [Zalewski 2001] | "Delivering Signals for Fun and Profit" |
...