No direct issues come from this, but you need to be careful that something doesn't generate two similar signals that call the same handler, so that the code that deals with them gets executed twice.

Non-Compliant Coding Example

The program is intended to clean up and terminate when it receives either a SIGINT or a SIGTERM. However, if a SIGINT is generated, and then a SIGTERM is generated after the call to free(), but before _Exit() is reached, a double free() will occur.

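#include <signal.h>
#include <stdlib.h>

char *global_ptr;

/* Shared handler: a second signal arriving between free() and _Exit()
 * re-enters it and frees global_ptr again. */
void handler(int signum) {
  free(global_ptr);
  _Exit(-1);
}

int main(void) {
  global_ptr = malloc(16);
  if (global_ptr == NULL) {
    /* handle error condition */
  }

  signal(SIGINT, handler);
  signal(SIGTERM, handler);

  /* program code */

  return 0;
}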

Compliant Solution

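One way to make a handler shared by SIGINT and SIGTERM safe, as an added example (not the original page's compliant solution): the handler only sets a flag, sigaction() holds back both signals while it runs, and free() happens once in normal program flow. It assumes a POSIX system; the names stop_requested, install_handler, cleanup and setup are hypothetical.

```c
/* Added example, not from the original page; assumes POSIX sigaction(). */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdlib.h>
#include <string.h>

static char *global_ptr;
static volatile sig_atomic_t stop_requested = 0;

/* Shared by SIGINT and SIGTERM: only records the request, frees nothing. */
static void handler(int signum) {
  (void)signum;
  stop_requested = 1;
}

/* Register handler; sa_mask blocks both signals while it runs. 0 on success. */
static int install_handler(int signum) {
  struct sigaction sa;
  memset(&sa, 0, sizeof sa);
  sa.sa_handler = handler;
  sigemptyset(&sa.sa_mask);
  sigaddset(&sa.sa_mask, SIGINT);
  sigaddset(&sa.sa_mask, SIGTERM);
  return sigaction(signum, &sa, NULL);
}

/* Runs in normal program flow. Returns 1 if it freed the buffer, else 0. */
static int cleanup(void) {
  if (global_ptr == NULL) return 0;
  free(global_ptr);
  global_ptr = NULL;
  return 1;
}

/* Allocate the buffer and install both handlers. Returns 0 on success. */
static int setup(void) {
  global_ptr = malloc(16);
  if (global_ptr == NULL) return -1;
  if (install_handler(SIGINT) != 0 || install_handler(SIGTERM) != 0) return -1;
  return 0;
}

int main(void) {
  if (setup() != 0) return EXIT_FAILURE;
  raise(SIGINT);  /* constructed trigger: both signals arrive back to back */
  raise(SIGTERM);
  while (!stop_requested) { /* program code */ }
  return cleanup() ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Because the free() is no longer reachable from signal context, a second signal can only set the flag again; the NULL check in cleanup() makes a repeated call harmless as well.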

Risk Assessment

Depending on the code, this could lead to any number of attacks, many of which could give root access. For an overview of some software vulnerabilities, see Zalewski's signal article.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| MSCxx SIG00-C A | 3 (high) | 3 (likely) | 1 (high) | P9 | L2 |

References

[ISO/IEC 03] "Signals and Interrupts"
[Open Group 04] longjmp, http://www.opengroup.org/onlinepubs/000095399/functions/longjmp.html
[OpenBSD] signal() Man Page, http://www.openbsd.org/cgi-bin/man.cgi?query=signal
[Zalewski] http://lcamtuf.coredump.cx/signals.txt