 
                            ...
According to the [Open Group 2004] entry for putenv():
...the string pointed to by string shall become part of the environment, so altering the string shall change the environment.
This means that the call to putenv() is only necessary the first time func() is called: the static buffer is already part of the environment, so later calls only need to rewrite its contents. If func() were called more than once, an additional (static) variable could record that putenv() has already been called, so that subsequent calls skip it.
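The following is an added example, not the code from the rule's own compliant solution: it writes the compliant func() the way the paragraph above describes, with a static buffer handed to putenv() exactly once and a static flag guarding later calls, and places the noncompliant automatic-buffer variant beside it for contrast. The environment variable name TEST_ENV_VAR, the 1024-byte buffer, the 0/-1 return convention, and the helper env_equals() are assumptions made for this example.

```c
#define _XOPEN_SOURCE 600       /* make putenv() visible under strict -std=c99 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

extern int putenv(char *);      /* POSIX prototype; repeated in case feature macros hide it */

#define ENV_BUF_SIZE 1024       /* assumed buffer size for this example */

/* Compliant: the buffer has static storage duration, so the pointer that
 * putenv() stores in the environment stays valid for the life of the process. */
static char env[ENV_BUF_SIZE];
static int env_installed = 0;   /* set once putenv(env) has succeeded */

/* Sets TEST_ENV_VAR=<var>; returns 0 on success, -1 on error (assumed convention). */
int func(const char *var) {
    if (var == NULL) {
        return -1;
    }
    /* "TEST_ENV_VAR=" + var + terminating NUL must fit; reject before touching env
     * so a failed call never leaves a truncated value in the environment. */
    if (strlen(var) + sizeof("TEST_ENV_VAR=") > sizeof(env)) {
        return -1;
    }
    int n = snprintf(env, sizeof(env), "TEST_ENV_VAR=%s", var);
    if (n < 0 || (size_t)n >= sizeof(env)) {
        return -1;
    }
    /* putenv() is needed only once: afterwards env *is* the environment entry,
     * and rewriting it above already changed the variable's value. */
    if (!env_installed) {
        if (putenv(env) != 0) {
            return -1;
        }
        env_installed = 1;
    }
    return 0;
}

/* Noncompliant pattern the rule forbids, shown for contrast only and never
 * called here: env_auto has automatic storage duration, so as soon as this
 * function returns the environment holds a dangling pointer and any later
 * getenv("TEST_ENV_VAR") is undefined behavior. */
int func_noncompliant(const char *var) {
    char env_auto[ENV_BUF_SIZE];
    int n = snprintf(env_auto, sizeof(env_auto), "TEST_ENV_VAR=%s", var);
    if (n < 0 || (size_t)n >= sizeof(env_auto)) {
        return -1;
    }
    return putenv(env_auto) == 0 ? 0 : -1;   /* dangling once we return */
}

/* Helper (assumed): 1 if the environment currently reports TEST_ENV_VAR == expected. */
int env_equals(const char *expected) {
    const char *v = getenv("TEST_ENV_VAR");
    return v != NULL && strcmp(v, expected) == 0;
}

int main(void) {
    if (func("first") != 0 || !env_equals("first")) {
        return 1;
    }
    /* Second call rewrites the static buffer; no second putenv() is issued,
     * yet getenv() sees the new value, as the Open Group text promises. */
    if (func("second") != 0 || !env_equals("second")) {
        return 1;
    }
    printf("TEST_ENV_VAR=%s\n", getenv("TEST_ENV_VAR"));
    return 0;
}
```

The length check before snprintf() is deliberate: because env is the live environment entry after the first call, a truncating write would silently change the variable to a cut-off value, so an oversized input is rejected without modifying the buffer at all.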
...
Providing a pointer to a buffer of automatic storage duration as an argument to putenv() may cause that buffer to take on an unintended value. Depending on how and when the buffer is used, it can cause unexpected program behavior or possibly allow an attacker to run arbitrary code.
| Rule | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| POS34-C | High | Unlikely | Yes | No | P6 | L2 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported: Can be checked with appropriate analysis stubs. |
| Axivion Bauhaus Suite | | CertC-POS34 | |
| CodeSonar | | BADFUNC.PUTENV (customization) | Use of putenv; users can add a custom check for all uses of putenv(). |
| Compass/ROSE | | | |
| Helix QAC | | C5024 | |
| Klocwork | | CERT.PUTENV.AUTO_VARIABLE | |
| Parasoft C/C++test | | CERT_C-POS34-a | Usage of system properties (environment variables) should be restricted |
| PC-lint Plus | | 2601 | Fully supported |
| | | CERT C: Rule POS34-C | Checks for use of automatic variable as putenv-family function argument (rule fully covered) |
...
| Reference | Section |
|---|---|
| [Dowd 2006] | Chapter 10, "UNIX Processes" |
| [ISO/IEC 9899:2024] | Section 6.2.4, "Storage Durations of Objects"; Section 7.24.3, "Memory Management Functions" |
| [Open Group 2004] | putenv(), setenv() |
...