...
| Code Block | ||
|---|---|---|
| ||
void f() {
char path[PATH_MAX];
/* assume $PATH is defined and no longer than PATH_MAX characters */
strcpy(path, getenv("PATH"));
/* use path */
}
|
However, the string copied from temp may exceed the size of copy, leading to a buffer overflowEven if your platform assumes that $PATH is defined, defines PATH_MAX, and enforces that paths not have more than PATH_MAX characters, there is still no requirement that the $PATH environment variable have less than PATH_MAX chars. And if it has more than PATH_MAX chars, a buffer overflow will result. Also, if $PATH is not defined, then strcpy() will attempt to dereference a null pointer.
Compliant Solution
In the following compliant solution, the strlen() function is used to calculate the size of the string, and the required space is dynamically allocated.
...