...
Errors and potential vulnerabilities exist when the actual signal handler persistence behavior is inconsistent with the developer's expectations, for example, the developer expects the signal handler to persist but it does not. This is due to the possibility of asynchronous signals arising from outside the program, potentially from hostile sources.
Non-Compliant Code Example (Windows)
...
| Code Block | ||
|---|---|---|
| ||
/* Equivalent to signal( SIGUSR1, handler); */ but make signal non-persistent */ struct sigaction act; act.sa_handler = &handler; act.sa_flags = SA_RESETHAND; if (sigfillsetsigemptyset( &act.sa_mask) != 0) { /* handle error */ } if (sigaction(SIGUSR1, &act, NULL) != 0) { /* handle error */ } |
...