You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 26 Next »

Do not modify the value returned by the getenv() function. Create a copy and make your changes locally, so that they are not overwritten. According to C99 [[ISO/IEC 9899-1999:TC2]]:

The getenv function returns a pointer to a string associated with the matched list member. The string pointed to shall not be modified by the program, but may be overwritten by a subsequent call to the getenv function. If the specified name cannot be found, a null pointer is returned.

Non-Compliant Code Example

This non-compliant code example modifies the string returned by getenv().

char *env = getenv("TEST_ENV");
env[0] = 'a';

Compliant Solution

This is a compliant code solution. If it is necessary to modify the value of the string returned by the function getenv(), then the programmer should make a local copy of that string value, and then modify the local copy of that string.

char *env;
char *copy_of_env;

if ((env = getenv("TEST_ENV")) != NULL) {
   copy_of_env = malloc(strlen(env) + 1);

   if (copy_of_env != NULL) {
      strcpy(copy_of_env, env);
   }
   else {
      /* Error handling */
   }

   copy_of_env[0] = 'a';
}

Risk Assessment

The modified string may be overwritten by a subsequent call to the getenv function.

Rule

Severity 

Likelihood 

Remediation Cost

Priority

Level

ENV30-C

1 (low)

1 (unlikely)

3 (low)

P3

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[[ISO/IEC 9899-1999:TC2]] Section 7.20.4.5, "The getenv function"
[[Open Group 04]] getenv

  • No labels