Buffer G Get Home Dir
greprules fetch gitlab-sast-c-buffer-rule-g-get-home-dir --engine opengrep
Description
This function is synonymous with `getenv("HOME")` and should be treated as untrusted input as it could be modified by an attacker. Possible risks include:
- The value being too large and causing buffer overflows
- Files under the attacker's control being used maliciously
- Files outside of an attacker's control becoming accessible, depending on access privil
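One way to consume the home-directory value defensively, as an added example that is not part of the rule: it bounds the copy so an oversized value cannot overflow the destination, and rejects relative or `..`-containing values before a path is built. The names `build_home_path` and `has_dotdot` and the file name `app.conf` are hypothetical, and `getenv("HOME")` stands in for the flagged function because the description equates the two.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Returns 1 if any '/'-separated component of path is exactly "..". */
static int has_dotdot(const char *path)
{
    for (const char *p = path; *p != '\0'; ) {
        size_t n = strcspn(p, "/");      /* length of this component */
        if (n == 2 && p[0] == '.' && p[1] == '.')
            return 1;
        p += n;
        p += strspn(p, "/");             /* skip the separator run */
    }
    return 0;
}

/* Hypothetical helper: writes "<home>/<leaf>" into out, treating home as
 * attacker-controlled. Returns 0, or a negative errno value on rejection. */
int build_home_path(const char *home, const char *leaf, char *out, size_t outlen)
{
    if (home == NULL || leaf == NULL || out == NULL || outlen == 0)
        return -EINVAL;
    if (home[0] != '/' || has_dotdot(home))   /* unset, relative or traversal */
        return -EINVAL;
    if (leaf[0] == '\0' || strchr(leaf, '/') != NULL || has_dotdot(leaf))
        return -EINVAL;
    /* snprintf never writes past outlen; its return value exposes truncation */
    int n = snprintf(out, outlen, "%s/%s", home, leaf);
    if (n < 0 || (size_t)n >= outlen) {
        out[0] = '\0';                   /* never hand back a truncated path */
        return -ENAMETOOLONG;
    }
    return 0;
}

int main(void)
{
    char path[256];
    /* getenv("HOME") stands in for the flagged function (assumption above) */
    int rc = build_home_path(getenv("HOME"), "app.conf", path, sizeof path);
    if (rc != 0) {
        fprintf(stderr, "rejected HOME value (error %d)\n", -rc);
        return 1;
    }
    printf("%s\n", path);
    return 0;
}
```

These checks address the size and path-shape risks only; they do not establish that the directory itself is one the attacker cannot control.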
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided