sqc 0.4.13

Software Code Quality - CERT C compliance checker
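# Catalogue entry for CERT C guideline ENV01-C. The values below are copied
# from the CERT wiki page linked under [references].
[metadata]
id = "ENV01-C"
# CERT C separates normative "rules" from advisory "recommendations";
# this entry is a recommendation.
type = "recommendation"
category = "ENV"
number = 1
title = "Do not make assumptions about the size of an environment variable"
# The embedded example is the NONCOMPLIANT form and must not be copied as-is.
# It has two defects a reviewer should look for in real code:
#   1. strcpy() copies a string whose length is chosen by whoever controls the
#      process environment, so it can overrun the fixed-size `path` buffer.
#   2. getenv() returns a null pointer when the variable is unset, and the
#      result is passed to strcpy() without a check.
# The remediation this description points to is: check the getenv() result,
# measure it with strlen(), and allocate length + 1 bytes before copying.
description = """
Do not make any assumptions about the size of environment variables because an
adversary might have full control over the environment. If the environment
variable needs to be stored, the length of the associated string should be
calculated and the storage dynamically allocated (see STR31-C. Guarantee that
storage for strings has sufficient space for character data and the null
terminator). This noncompliant code example copies the string returned
by getenv() into a fixed-size buffer: void f() { char path[PATH_MAX]; /* Requires
PATH_MAX to be defined */ strcpy(path, getenv("PATH")); /* Use path */ }
"""
# CERT risk-assessment fields, stored as the strings published upstream.
# priority and level are assigned by CERT from the assessment; nothing in this
# file recomputes them.
# NOTE(review): confirm these against the wiki revision identified by
# cert_version / last_modified before relying on them for triage.
severity = "High"
likelihood = "Likely"
priority = "P9"
level = "L2"
cert_version = "2016 Edition (Wiki)"
# Kept as a display string, not a TOML date; presumably the wiki page's
# last-edit date — TODO confirm.
last_modified = "Jul 24, 2025"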

# Per-guideline switch, keyed by the same identifier as metadata.id.
# NOTE(review): presumably `enabled = true` makes the checker report ENV01-C
# findings; confirm against the sqc configuration reference. ENV01-C is a
# CERT recommendation rather than a rule, so decide deliberately whether its
# findings should gate a build or only be reported.
[rules.cert_c.ENV01-C]
enabled = true

# External references for this guideline.
[references]
# Upstream CERT C wiki page for ENV01-C.
wiki = "https://wiki.sei.cmu.edu/confluence/display/c/ENV01-C.+Do+not+make+assumptions+about+the+size+of+an+environment+variable"
# Related weakness classes:
#   CWE-119  Improper Restriction of Operations within the Bounds of a Memory Buffer
#   CWE-123  Write-what-where Condition
#   CWE-125  Out-of-bounds Read
cwe = ["CWE-119", "CWE-123", "CWE-125"]