...
| Code Block |
|---|
static char fname[] = "/tmp/edXXXXXX"; mktemp(fname); |
Consequences
Priority: P9 Level: L1
Modifying string literals and lead to abnormal program termination and can be used in denialAbnormal program termination.
Denial-of-service attack.attacks.
Component | Value |
|---|---|
Severity | 1 (low) |
Likelihood | 3 (likely) |
Remediation cost | 3 (low) |
References
- ISO/IEC 9899-1999 Section 6.4.5 String literals
- Summit 95 comp.lang.c FAQ list - Question 1.32
- Plum 91 Topic: 1.26 strings - string literals