...
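```c
#include <stdlib.h>
#include <string.h>

int foo(void)
{
    const char *env;
    char *copy_of_env;
    env = getenv("TEST_ENV");
    if (env == NULL) {
        return -1; /* variable not set; strlen(NULL) is undefined */
    }
    copy_of_env = malloc(strlen(env) + 1);
    if (copy_of_env == NULL) {
        return -1; /* allocation failed */
    }
    strcpy(copy_of_env, env); /* copies the terminating null as well */
    copy_of_env[0] = 'a';     /* modify the private copy, not getenv()'s string */
    /* Do some more things */
    free(copy_of_env);
    return 0;
}
```
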
Risk Assessment
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ENV30-C | 2 (Medium) | 3 (probable) | 2 (Medium) | P | L |