...
Passing putenv() a pointer to a buffer of automatic storage duration means the environment keeps that pointer after the buffer's lifetime has ended, so the variable's value becomes whatever later occupies that stack memory. Depending on how and when the environment is read, this can cause unexpected program behavior or possibly allow an attacker to run arbitrary code.
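As an added example (not code from the CERT page), the noncompliant pattern beside two compliant rewrites: setenv(), which copies its arguments, and putenv() with a buffer whose lifetime matches the environment entry. The variable name APP_MODE, the 64-byte buffer size and the function names are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700   /* declares putenv() and setenv() in <stdlib.h> */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ENV_BUF_SIZE 64  /* assumed size; room for "APP_MODE=" plus the mode */

/* Noncompliant: putenv() does not copy its argument, it stores the pointer.
 * `env` has automatic storage duration, so as soon as this function returns
 * the environment entry points at dead stack memory and APP_MODE reads as
 * whatever later calls happen to write there. Shown for contrast only; it is
 * never called below, because reading the result is undefined behavior. */
int set_app_mode_noncompliant(const char *mode) {
    char env[ENV_BUF_SIZE];
    int needed = snprintf(env, sizeof env, "APP_MODE=%s", mode);
    if (needed < 0 || needed >= (int)sizeof env)
        return -1;
    return putenv(env);           /* dangling once the function returns */
}

/* Compliant: setenv() copies the name and value into storage the
 * environment owns, so no caller-provided buffer has to outlive the call. */
int set_app_mode_setenv(const char *mode) {
    return setenv("APP_MODE", mode, 1);
}

/* Compliant: putenv() is acceptable when the buffer lives as long as the
 * environment entry. Static storage satisfies that, with two caveats the
 * setenv() variant does not have: the buffer must never be reused for a
 * different NAME=value string while registered, and it is not thread-safe.
 * The length is checked before the registered buffer is touched, so an
 * oversized mode never leaves a truncated value visible through getenv(). */
int set_app_mode_static(const char *mode) {
    static char env[ENV_BUF_SIZE];
    int needed = snprintf(NULL, 0, "APP_MODE=%s", mode);
    if (needed < 0 || needed >= (int)sizeof env)
        return -1;
    snprintf(env, sizeof env, "APP_MODE=%s", mode);
    return putenv(env);
}

/* Returns 1 if APP_MODE is set and equals `expected`, 0 otherwise. */
int app_mode_is(const char *expected) {
    const char *value = getenv("APP_MODE");
    return value != NULL && strcmp(value, expected) == 0;
}

int main(void) {
    if (set_app_mode_setenv("release") != 0)
        return 1;
    printf("after setenv: APP_MODE=%s\n", getenv("APP_MODE"));

    if (set_app_mode_static("debug") != 0)
        return 1;
    printf("after static: APP_MODE=%s\n", getenv("APP_MODE"));

    /* An oversized mode is rejected and the current value is left untouched. */
    if (set_app_mode_static("a-mode-name-that-is-far-too-long-to-fit-in-the-fixed-size-buffer") == 0)
        return 1;
    printf("after reject: APP_MODE=%s\n", getenv("APP_MODE"));
    return app_mode_is("debug") ? 0 : 1;
}
```

Prefer the setenv() form in new code; the static-buffer form exists because some code bases must keep putenv() (for example to remove a variable on platforms without unsetenv()), and it shows what the lifetime requirement costs in return.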
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| POS34-C | High | Unlikely | Medium | P6 | L2 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| CodeSonar | | (customization) | Users can add a custom check for all uses of putenv(). |
| Compass/ROSE | | | |
| Parasoft C/C++test | | SECURITY-03, BD-PB-PUTENV | Implemented |
| PRQA QA-C | | 5024 | Partially implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
| Taxonomy | Taxonomy item | Relationship |
|---|---|---|
CERT-CWE Mapping Notes
...
- Ignoring return values of functions outside the C or POSIX standard libraries
...