SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 72

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 73

changes.mady.by.user Melanie Thompson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

ENV30-C

low

probable

medium

P4

L3

Automated Detection

Tool

Version

Checker

Description

Section

Compass/ROSE

 

 

Section

can detect violations of this rule. In particular, it ensures that the result of getenv() is stored in a const variable

...

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

Related Guidelines

CERT This rule appears in the C++ Secure Coding Standard as : ENV30-CPP. Do not modify the string returned by getenv().

Bibliography

unmigrated-wiki-markup

\[[ISO/IEC 9899:1999|AA. Bibliography#ISO/IEC 9899-1999]\] Section 7.11.1.1, “The {{setlocale}} function;” Section 7.11.2.1, “The {{localeconv}} function;” ” Section 7.20.4.5, "The {{getenv}} function;" Section 7.21.6.2, "The {{strerror}} function"

Bibliography

Wiki Markup

\[[Open Group 042004|AA. Bibliography#Open Group 04]\] [getenv|http://www.opengroup.org/onlinepubs/000095399/functions/getenv.html], [setlocale|http://www.opengroup.org/onlinepubs/009695399/functions/setlocale.html], [localeconv|http://www.opengroup.org/onlinepubs/009695399/functions/localeconv.html]

...