SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 89

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 90

changes.mady.by.user Unknown User (lflynn)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Tool

Version

Checker

Description

Compass/ROSE

 

 

 

LDRA tool suite
Include Page
LDRA_V
LDRA_V

133 D

Fully implemented

Related Guidelines

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

C Secure Coding StandardENV00-C. Do not store objects that can be overwritten by multiple calls to getenv() and similar functionsPrior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TR 24731-25.3.1.1, "The strdup Function"Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013Using an object overwritten by getenv, localeconv, setlocale, and strerror [libuse]Prior to 2018-01-12: CERT: Unspecified Relationship

Bibliography

[IEEE Std 1003.1:2013]Chapter 8, "Environment Variables"
XSH, System Interfaces, strdup
[ISO/IEC 9899:2011]Subclause 7.22.4, "Communication with the Environment"
Subclause 7.22.4.6, "The getenv Function"
Subclause K.3.6.2.1, "The getenv_s Function"
[MSDN]_dupenv_s(), _wdupenv_s()
[Viega 2003]Section 3.6, "Using Environment Variables Securely"

...