Michal Zalewski at BindView wrote a paper on exploiting signal handlers, http://www.bindview.com/Support/RAZOR/Papers/2001/signals.cfm

dave_the_m is correct, you need to limit the functionality done in a signal handler as much as possible. Setting a flag is the probably the most accepted method for "safe" signal handlers.

While your signal handlers are not perfect and can be used to hork your program quite badly, its nowhere near the worst signal handler I've ever seen. The "worst" signal handler I've come across was example:

void ack() {
   env = getenv("DEBUG");
   buf = malloc(256);
   strcpy(buf,env);
   syslog(buf);
   free(buf);
   longjmp FOO;
   free(buf);
}
[download]

a buffer overflow, print string vulnerability, a double free, and a longjmp. Take your pick for which you want to exploit :P