Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added Rose checker algorithm

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

Compass/ROSE could detect violations of this rule by noting attempts to modify any variable that holds the result of getenv(). A stronger approach would be to report if the result of getenv() is assigned to a (non-const) char*.

References

Wiki Markup
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.20.4.5, "The {{getenv}} function"
\[[Open Group 04|AA. C References#Open Group 04]\] [getenv|http://www.opengroup.org/onlinepubs/000095399/functions/getenv.html]

...