From 55d2e06ec5afee20d56fc8a48d4c4d75e9afdbe0 Mon Sep 17 00:00:00 2001
From: Jakob Kaivo <jkk@ung.org>
Date: Fri, 31 May 2024 15:21:10 -0400
Subject: verify that the provided signal handler is executable

---
 src/signal/signal.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/signal/signal.c b/src/signal/signal.c
index ba8461b4..6a48b49a 100644
--- a/src/signal/signal.c
+++ b/src/signal/signal.c
@@ -2,6 +2,7 @@
 #include "_signal.h"
 #include "_safety.h"
 #include "_syscall.h"
+#include "_memperm.h"
 
 /** set a signal handler **/
 
@@ -33,6 +34,10 @@ void (*signal(int sig, void (*func)(int)))(int)
 		return SIG_ERR;
 	}
 
+	if ((__memperm(func) & PROT_EXEC) != PROT_EXEC) {
+		UNDEFINED("signal handler is not executable");
+	}
+
 	void (*prev)(int) = ___signal.handlers[sig];
 	___signal.handlers[sig] = func;
 
-- 
cgit v1.2.1