...
MITRE CWE: CWE-119, "Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer"
Bibliography
Wiki Markup
[[Viega 2003|AA. Bibliography#Viega 03]\] Section 3.6, "Using Environment Variables Securely"
...
ENV00-C. Do not store the pointer to the string returned by getenv() 10. Environment (ENV)