SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 50

changes.mady.by.user Astha Singhal

Saved on

compared with

New Version 51

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A signal handler should not reassert its desire to handle its own signal. This is often done on nonpersistent platforms; that is, platforms that, upon receiving a signal, reset the disposition for the signal to default before calling the bound signal handler. See recommendation SIG01-C. Understand implementation-specific details regarding signal handler persistence.

...

Code Block
bgColor#ffcccc
langc

void handler(int signum) {
  if (signal(signum, handler) == SIG_ERR) {
    /* Handle error */
  }
  /* Handle signal */
}
/* ... */
if (signal(SIGUSR1, handler) == SIG_ERR) {
  /* Handle error */
}

...

Code Block
bgColor#ccccff
langc

void handler(int signum) {
  /* Handle signal */
}
/* ... */
if (signal(SIGUSR1, handler) == SIG_ERR) {
  /* Handle error */
}

...

Code Block
bgColor#ccccff
langc

void handler(int signum) {
  /* Handle signal */
}

/* ... */

struct sigaction act;
act.sa_handler = handler;
act.sa_flags = 0;
if (sigemptyset( &act.sa_mask) != 0) {
  /* Handle error */
}
if (sigaction(SIGUSR1, &act, NULL) != 0) {
  /* Handle error */
}

...

POSIX recommends sigaction() and deprecates signal(). Unfortunately, sigaction() is not C99C-compliant and is not supported on some platforms, including Windows.

...

SIG34-EX1: On a machine with persistent signal handlers, it is safe for a handler to modify the behavior for its own signal. This would include having the signal be ignored, reset to default behavior, or handled by a different handler. A handler assigning itself to its own signal is also safe, as it is a no-op. Since multiple invocations of its signal will merely cause it to "interrupt itself," , the handler is impervious to a race condition until it manages to reassign its signal.

...

Code Block
bgColor#ccccff
langc

void handler(int signum) {
#ifndef WINDOWS
  if (signal(signum, SIG_DFL) == SIG_ERR) {
    /* Handle error */
  }
#endif
  /* Handle signal */
}
/* ... */
if (signal(SIGUSR1, handler) == SIG_ERR) {
  /* Handle error */
}

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

SIG34-C

low

unlikely

low

P3

L3

Automated Detection

 

can

Tool

Version

Checker

Description

Section
Compass/ROSE  
Section
Can detect violations of this rule. However, false positives may occur on systems with persistent handlers.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

ISO/IEC 9899-1999TR2 Section 7.14.1.1, "The signal function"

ISO/IEC TR 17961 (Draft) Calling signal from interruptible signal handlers [sigcall]

MITRE CWE: CWE-479, "Unsafe Function Call from a Signal Handler"

...