Upon successful completion, getenv()
function returns a pointer to a null-terminated string containing the value of a specified environmental variable. If the specified variable cannot be found the environment of the calling process, a null pointer is returned.
Do not modify the value returned by the getenv()
function. Create a copy and make your changes locally, using setenv()
to update the environment when necessary. This allows the implementation to properly allocate and manage memory.
Non-Compliant Code Example
This non-compliant code example showing that modification of the string value returned by the function getenv()
. Characters in env
should not be changed directly.
int foo() { char *env; env = getenv("TEST_ENV"); env[0] = 'a'; /*Do some more things*/ return 0; }
Compliant Code Solution
This is a compliant code solution. If it is necessary to modify the value of the string returned by the function getenv()
, then the programmer should make a local copy of that string value, and then modify the local copy of that string. If it is necessary to propagate the changes back to the environment, use setenv()
.
int foo() { char *env; char *copy_of_env; env = getenv("TEST_ENV"); copy_of_env = malloc( strlen(env) + 1 ); /* Error handling */ strcpy(copy_of_env, env); copy_of_env[0] = 'a'; /*Do some more things*/ return 0; }
Risk Assessment
The system will not be able to properly keep track of the size of environment variables, leading to memory management exploits.
Rule |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
ENV30-C |
2 (medium) |
3 (probable) |
2 (medium) |
P12 |
L1 |
References
[[ISO/IEC 9899-1999]] Section 7.20.4.5, "The getenv
function"
[[Open Group 04]] getenv