...
Noncompliant Code Example
The following This noncompliant code example behaves differently when compiled and run on Linux and Microsoft Windows platforms:
...
An attacker can create multiple environment variables with the same name (for example, by using the POSIX execve() function). If the program checks one copy but uses another, security checks may be circumvented.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
ENV02-C | Low | Unlikely | Medium | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE |
| Parasoft C/C++test |
| CERT_C-ENV02-a | Usage of system properties (environment variables) should be restricted |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C++ |
| Coding Standard |
| VOID ENV00-CPP. Beware of multiple environment variables with the same effective name | |
| ISO/IEC TR 24772:2013 | Executing or Loading Untrusted Code [XYS] |
| MITRE CWE | CWE-462, Duplicate key in associative list (Alist) CWE-807, Reliance on untrusted inputs in a security decision |
Bibliography
| [ISO/IEC 9899:2011] | Section 7.22.4, "Communication with the Environment" |
| [MSDN] | getenv() |
...
...