...
The strlen() function should be used to determine the length of environment variables so that adequate memory can be dynamically allocated:
Code Block:

```c
#include <stdlib.h>
#include <string.h>

char *editor;
char *buff;

editor = getenv("EDITOR");
if (editor) {
    /* strlen() + 1 leaves room for the terminating null byte */
    buff = malloc(strlen(editor) + 1);
    if (buff) {
        strcpy(buff, editor);
    }
}
```
Priority: P18 Level: L1
Failure to properly allocate sufficient space when copying null-terminated byte strings can result in buffer overflows and the execution of arbitrary code with the permissions of the vulnerable process by an attacker.
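The following is an added example, not code from the original page: it wraps the strlen()-sized allocation shown above in a reusable function, sets it beside a bounded fixed-buffer variant that reports truncation instead of writing past the end, and checks both against a constructed 300-byte value. The variable names `DEMO_EDITOR` and `DEMO_SURELY_UNSET_VAR_XYZ` and the function names are assumptions for illustration; the `_POSIX_C_SOURCE` define is only there so `setenv()` is declared under a strict compiler mode.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy `value` into storage sized from strlen(), so the copy can never
 * overflow regardless of the value's length. Returns NULL on allocation
 * failure; the caller owns and frees the result. */
char *dup_with_strlen(const char *value) {
    size_t len = strlen(value) + 1;      /* +1 for the terminating null byte */
    char *copy = malloc(len);
    if (copy == NULL) {
        return NULL;
    }
    memcpy(copy, value, len);            /* exactly len bytes fit by construction */
    return copy;
}

/* Fetch environment variable `name` and copy it with dup_with_strlen().
 * Returns NULL if the variable is unset or allocation fails. */
char *copy_env(const char *name) {
    const char *value = getenv(name);
    if (value == NULL) {
        return NULL;
    }
    return dup_with_strlen(value);
}

/* For callers that must use a fixed-size buffer: copy with an explicit
 * bound and report truncation rather than overflowing.
 * Returns 0 on success, -1 if unset or dst_size is 0, 1 if truncated. */
int copy_env_bounded(const char *name, char *dst, size_t dst_size) {
    const char *value = getenv(name);
    if (value == NULL || dst_size == 0) {
        return -1;
    }
    size_t len = strlen(value);
    if (len >= dst_size) {
        memcpy(dst, value, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return 1;
    }
    memcpy(dst, value, len + 1);
    return 0;
}

/* Self-check with a constructed 300-byte value (hypothetical variable name,
 * not from the original page): the dynamically sized copy must be intact,
 * and the 64-byte bounded copy must report truncation and stay terminated.
 * Returns 1 on success, 0 on any mismatch. */
int demo_env_copy(void) {
    char value[301];
    memset(value, 'A', 300);
    value[300] = '\0';
    if (setenv("DEMO_EDITOR", value, 1) != 0) {
        return 0;
    }

    char *dyn = copy_env("DEMO_EDITOR");
    int ok = (dyn != NULL && strcmp(dyn, value) == 0 && strlen(dyn) == 300);
    free(dyn);

    char small[64];
    int rc = copy_env_bounded("DEMO_EDITOR", small, sizeof small);
    ok = ok && rc == 1 && strlen(small) == 63;
    return ok;
}

int main(void) {
    printf("%s\n", demo_env_copy() ? "ok" : "FAIL");
    return 0;
}
```

The point of the bounded variant is that a fixed buffer is only safe when the bound is enforced at the copy; an unbounded strcpy() into a fixed array is exactly the overflow the text above warns about.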
...