Chapter 11. Environment (ENV)

Recommendations and Rules


Risk Assessment Summary


Related Rules and Recommendations


ENV00-C. Do not store the pointer to the string returned by getenv()

C99, Section 7.20.4.5, defines getenv() to have the following behavior:

The getenv function returns a pointer to a string associated with the matched list member. The string pointed to shall not be modified by the program but may be overwritten by a subsequent call ...
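The following added example (not taken from the book) shows one way to follow this rule: copy the string into caller-owned storage before calling getenv() again. The helper names env_dup and env_equal and the ENV00_DEMO_* variables are hypothetical, and setenv() is assumed to be available (POSIX).

```c
#define _POSIX_C_SOURCE 200112L  /* for setenv(); POSIX is an assumption */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: return a heap copy of the value of `name`, owned by
 * the caller, or NULL if the variable is unset or allocation fails. */
char *env_dup(const char *name)
{
    const char *val = getenv(name);  /* points into storage we do not own */
    if (val == NULL)
        return NULL;
    size_t len = strlen(val) + 1;
    char *copy = malloc(len);
    if (copy != NULL)
        memcpy(copy, val, len);      /* copy before any later getenv() call */
    return copy;
}

/* Hypothetical helper: compare two environment variables without holding
 * two raw getenv() pointers at once.
 * Returns 1 if equal, 0 if different, -1 if either is unset or on OOM. */
int env_equal(const char *a, const char *b)
{
    char *va = env_dup(a);
    char *vb = env_dup(b);           /* second getenv() cannot clobber va */
    int result = -1;
    if (va != NULL && vb != NULL)
        result = (strcmp(va, vb) == 0);
    free(va);
    free(vb);
    return result;
}

int main(void)
{
    /* Constructed sample values for the demonstration. */
    setenv("ENV00_DEMO_A", "/tmp/a", 1);
    setenv("ENV00_DEMO_B", "/tmp/b", 1);
    printf("equal: %d\n", env_equal("ENV00_DEMO_A", "ENV00_DEMO_B"));

    char *saved = env_dup("ENV00_DEMO_A");
    setenv("ENV00_DEMO_A", "changed", 1);  /* may invalidate raw pointers */
    printf("saved copy: %s\n", saved ? saved : "(null)");
    free(saved);
    return 0;
}
```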
