...
| CERT C++ Secure Coding Standard | ENV01-CPP. Do not make assumptions about the size of an environment variable |
| MITRE CWE | CWE-119, Failure to constrain operations within the bounds of an allocated memory buffer |
Bibliography
| [Open Group 2004IEEE Std 1003.1:2013] | Chapter 8, "Environment Variables" |
| [Viega 2003] | Section 3.6, "Using Environment Variables Securely" |
...