Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Old Version 59

changes.mady.by.user Kazunori Takeuchi

Saved on Nov 05, 2009

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on May 20, 2025

Key

This line was added.
This line was removed.
Formatting was changed.

Content by Label

showLabels	false
maxResults	99
label	+env,+rule,-void
showSpace	false
sort	title
space	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
cql	label = "rule" and label = "env" and label != "void" and space = currentSpace()

Info
Information for Editors In order to have a new guideline automatically listed above be sure to label it env and rule.

Risk Assessment Summary

Rule	Severity	Likelihood	Detectable	Repairable	Priority	Level
ENV30-C	Low	Probable	No	No	P2	L3
ENV31-C	Low	Probable	Yes	No	P4	L3
ENV32-C	Medium	Likely	Yes	No	P12	L1
ENV33-C	High	Probable	Yes	No	P12	L1
ENV34-C	Low	Probable	Yes	No	P4	L3

Recommendations

ENV00-C. Do not store the pointer to the string returned by getenv()

ENV01-C. Do not make assumptions about the size of an environment variable

ENV02-C. Beware of multiple environment variables with the same effective name

ENV03-C. Sanitize the environment when invoking external programs

ENV04-C. Do not call system() if you do not need a command processor

Rules

ENV30-C. Do not modify the object pointed to by the return value of functions that gives environmental setting

ENV31-C. Do not rely on an environment pointer following an operation that may invalidate it

ENV32-C. All atexit handlers must return normally

Risk Assessment Summary

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
ENV00-C	low	probable	medium	P4	L3
ENV01-C	high	likely	medium	P18	L1
ENV02-C	low	unlikely	medium	P2	L3
ENV03-C	high	likely	high	P9	L2
ENV04-C	high	probable	medium	P12	L1

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
ENV30-C	low	probable	medium	P4	L3
ENV31-C	low	probable	medium	P4	L3
ENV32-C	medium	likely	medium	P12	L1

Related Rules and Recommendations

Navigation Map

	env
	env
cellWidth	700
wrapAfter	1
cellHeight	15

...

Image Modified CERT C Secure Coding Standard ENV00-C. Do not store the pointer to the string returned by getenv() Image Added Image Added