SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 63

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 64

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: updated cwe info

...

Wiki Markup
Section 7.20.4.5 of C99 states that \[[ISO/IEC 9899:1999|AA. References#ISOBibliography#ISO/IEC 9899-1999]\]

The set of environment names and the method for altering the environment list are implementation-defined.

...

Wiki Markup
One common difference between implementations is whether or not environment variables are case sensitive.  While UNIX-like implementations are generally case sensitive, environment variables are "not case sensitive in Windows 98/Me and Windows NT/2000/XP" \[[MSDN|AA. References#MSDNBibliography#MSDN]\].

Duplicate Environment Variable Detection (POSIX)

...

Wiki Markup
\[[ISO/IEC 9899:1999|AA. References#ISOBibliography#ISO/IEC 9899-1999]\] Section 7.20.4, "Communication with the environment"
\[[ISO/IEC PDTR 24772|AA. References#ISOBibliography#ISO/IEC PDTR 24772]\] "XYS Executing or Loading Untrusted Code"
\[[MITRE 07|AA. References#MITREBibliography#MITRE 07]\] [CWE-462|http://cwe.mitre.org/data/definitions/462.html], "Duplicate Key in Associative List (Alist)," [CWE-807|http://cwe.mitre.org/data/definitions/807.html], "Reliance on Untrusted Inputs in a Security Decision"
\[[MSDN|AA. References#MSDNBibliography#MSDN]\] [{{getenv()}}|http://msdn.microsoft.com/en-us/library/tehxacec(VS.71).aspx]

...