CWE-479
Signal Handler Use of a Non-reentrant Function
The product defines a signal handler that calls a non-reentrant function.
Mitigation
Phase: Requirements
Description:
- Require languages or libraries that provide reentrant functionality, or otherwise make it easier to avoid this weakness.
Mitigation
Phase: Architecture and Design
Description:
- Design signal handlers to only set flags rather than perform complex functionality.
Mitigation
Phase: Implementation
Description:
- Ensure that non-reentrant functions are not found in signal handlers.
Mitigation
Phase: Implementation
Description:
- Use sanity checks to reduce the timing window for exploitation of race conditions. This is only a partial solution, since many attacks might fail, but other attacks still might work within the narrower window, even accidentally.
No CAPEC attack patterns related to this CWE.