The signal() function has implementation-defined behavior and behaves differently on Windows, for example, than it does on many UNIX systems.
...
Unfortunately, this solution still contains a race window, starting when the host environment resets the signal and ending when the handler calls signal(). During that time, a second signal sent to the program will trigger the default signal behavior, defeating the persistent behavior. (See SIG34-C. Do not call signal() from within interruptible signal handlers.)
A secure solution must prevent the environment from resetting the signal in the first place, guaranteeing persistence. Unfortunately, Windows does not provide a secure solution to this problem.
...
This solution is an exception to SIG34-C. Do not call signal() from within interruptible signal handlers.
Compliant Solution (POSIX)
...
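Added example, not part of the CERT text: on POSIX, installing the handler with sigaction() and leaving SA_RESETHAND out of sa_flags keeps the disposition in place across deliveries, so there is no window in which the default action applies. The SA_RESETHAND case is included only as a contrast that reproduces reset-on-delivery; the function names and the choice of SIGUSR1 are assumptions.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L /* expose sigaction() in strict -std modes */
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>

static volatile sig_atomic_t hits = 0;

/* Handler (hypothetical name): only updates a volatile sig_atomic_t. */
static void on_usr1(int signum) { (void)signum; hits = hits + 1; }

/* Install on_usr1 for SIGUSR1 with the given sa_flags; 0 on success. */
static int install(int flags) {
  struct sigaction act;
  memset(&act, 0, sizeof act);
  act.sa_handler = on_usr1;
  act.sa_flags = flags;
  if (sigemptyset(&act.sa_mask) != 0) return -1;
  return sigaction(SIGUSR1, &act, NULL);
}

/* 1 if on_usr1 is still the SIGUSR1 disposition, 0 if reset, -1 on error. */
static int still_installed(void) {
  struct sigaction cur;
  if (sigaction(SIGUSR1, NULL, &cur) != 0) return -1;
  return cur.sa_handler == on_usr1;
}

/* sa_flags = 0: returns signals handled, or -1 if the handler was lost. */
int persistent_deliveries(int n) {
  hits = 0;
  if (install(0) != 0) return -1;
  for (int i = 0; i < n; ++i)
    if (raise(SIGUSR1) != 0 || still_installed() != 1) return -1;
  return (int)hits;
}

/* SA_RESETHAND reproduces reset-on-delivery: one signal, then query. */
int resethand_survives(void) {
  if (install(SA_RESETHAND) != 0 || raise(SIGUSR1) != 0) return -1;
  return still_installed(); /* 0: disposition fell back to SIG_DFL */
}

int main(void) {
  printf("persistent handled: %d\n", persistent_deliveries(3));
  printf("SA_RESETHAND handler survives: %d\n", resethand_survives());
  return 0;
}
```

Querying the current disposition with a NULL new-action argument, as still_installed() does, is also a cheap runtime check for code that inherits handlers installed elsewhere.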
Tool | Version | Checker | Description
---|---|---|---
Compass/ROSE | | | Could detect possible violations by flagging any signal handler that calls
PRQA QA-C | | warncall for signal | Partially implemented
Related Vulnerabilities
...