# Catalogue record for CERT C entry SIG02-C (category SIG, number 2).
[metadata]
id = "SIG02-C"
# Stored as a "recommendation".
# NOTE(review): confirm whether the consumer treats recommendations differently from rules.
type = "recommendation"
category = "SIG"
number = 2
title = "Avoid using signals to implement normal functionality"
# Flowed prose with the C example collapsed into the paragraph. The embedded
# snippet is the NONCOMPLIANT example: one thread notifies another with kill(),
# and the receiver spins on a volatile sig_atomic_t flag set by the handler.
# It shows the pattern to avoid and should not be surfaced as a suggested fix.
# This string contains no compliant solution; the source page is linked
# from references.wiki.
description = """
Avoid using signals to implement normal functionality. Signal handlers are
severely limited in the actions they can perform in a portably secure manner.
Their use should be reserved for abnormal events that can be serviced by little
more than logging. This noncompliant code example uses signals as a means to
pass state changes around in a multithreaded environment: /* THREAD 1 */ int
do_work(void) { /* ... */ kill(THR2_PID, SIGUSR1); } /* THREAD 2 */ volatile
sig_atomic_t flag; void sigusr1_handler(int signum) { flag = 1; } int
wait_and_work(void) { flag = 0; while (!flag) {} /* ... */ }
"""
# Risk-assessment fields are stored as literal strings; nothing in this file
# derives priority or level from severity and likelihood.
# NOTE(review): presumably copied from the risk assessment on the wiki page.
# Verify against that page before editing any one of them in isolation.
severity = "High"
likelihood = "Probable"
priority = "P6"
level = "L2"
cert_version = "2016 Edition (Wiki)"
# Free-form date text, not a native TOML date; consumers must parse it as a string.
last_modified = "Jul 24, 2025"
# Per-rule switch: marks SIG02-C as enabled under the cert_c rule set.
# The last header segment repeats metadata.id; keep the two in sync.
# NOTE(review): presumably the consumer looks the rule up by this key — confirm.
[rules.cert_c.SIG02-C]
enabled = true
# Link to the SIG02-C page on the SEI CERT C wiki, the source this record points to.
[references]
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/SIG02-C.+Avoid+using+signals+to+implement+normal+functionality"