SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 45

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 46

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A signal handler should not reassert its desire to handle its own signal. This is often done on nonpersistent platforms; that is, platforms that, upon receiving a signal, unbind the signal to default behavior before calling the bound signal handler. See recommendation SIG01-C. Understand implementation-specific details regarding signal handler persistence.

A signal handler may call signal() only if it does not need to be asynchronous-safe. (in In other words, all relevant signals are masked, so that the handler cannot be interrupted.)

...

While the handler in this example does not call signal(), it could do so safely because the signal is masked, and the handler cannot be interrupted. If the same handler is installed for more than one signal number, it would be necessary to mask the signals explicitly in act.sa_mask to ensure that the handler cannot be interrupted , because the system masks only the signal being delivered.

...

There is no safe way to implement persistent signal handler behavior on Windows platforms, and it should not be attempted. In cases where a design depends on this behavior, and the design cannot be altered, it may be necessary to claim a deviation from the rule after completing an appropriate risk analysis.

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

SIG34-C

low

unlikely

low

P3

L3

Automated Detection

Tool

Version

Checker

Description

Section

Compass/ROSE

 

 

Section

can detect violations of this rule. However, false positives may occur on systems with persistent handlers

...

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

Related Guidelines

CERT This rule appears in the C++ Secure Coding Standard as : SIG34-CPP. Do not call signal() from within interruptible signal handlers.

Bibliography

unmigrated-wiki-markup

\[[ISO/IEC 9899-1999TR2|AA. Bibliography#ISO/IEC 9899-1999]\] Section 7.14.1.1, "The {{signal}} function" \[[MITRE 07|AA. Bibliography#MITRE 07]\] [CWE ID 479|http://cwe.mitre.org/data/definitions/479.html], "Unsafe Function Call from a Signal Handler"

MITRE CWE: CWE-479, "Unsafe Function Call from a Signal Handler"

Bibliography

...

SIG33-C. Do not recursively invoke the raise() function      11. Signals (SIG)      SIG35-C. Do not return from SIGSEGV, SIGILL, or SIGFPE signal handlers