Buffer Getenv Curl Getenv
greprules fetch gitlab-sast-c-buffer-rule-getenv-curl-getenv --engine opengrep
Description
This function's return value should be treated as untrusted input as it could be modified by an attacker. Possible risks include:
- The value being too large and causing buffer overflows
- Files under the attacker's control being used maliciously
- Files outside of an attacker's control becoming accessible, depending on access privileges.
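One way to handle the risks listed above, shown as an added example that is not part of the rule or its project: the environment value is length-checked before it is copied into a fixed buffer, then checked against a simple path policy. The helper names, the variable `APP_CACHE_DIR` and the policy itself (absolute path, no `..` component) are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: copy an environment value into a fixed buffer.
 * Returns 0 on success, -1 with errno set if the variable is unset
 * (ENOENT) or does not fit together with its terminator (ENAMETOOLONG). */
int env_copy_bounded(const char *name, char *dst, size_t dstlen)
{
    const char *val = getenv(name);      /* untrusted: caller's environment */
    if (val == NULL) { errno = ENOENT; return -1; }
    size_t n = strlen(val);
    if (dstlen == 0 || n >= dstlen) { errno = ENAMETOOLONG; return -1; }
    memcpy(dst, val, n + 1);             /* n + 1 <= dstlen, NUL included */
    return 0;
}

/* Hypothetical policy (an assumption, not from the rule): accept only
 * absolute paths that contain no ".." component. Returns 1 if accepted. */
int env_path_acceptable(const char *path)
{
    if (path[0] != '/') return 0;
    const char *p = path;
    while (*p) {
        while (*p == '/') p++;           /* skip separators */
        size_t len = strcspn(p, "/");    /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.') return 0;
        p += len;
    }
    return 1;
}

int main(void)
{
    char dir[64];
    /* For contrast, the unbounded form that overflows on a long value:
     *     strcpy(dir, getenv("APP_CACHE_DIR"));                        */
    if (env_copy_bounded("APP_CACHE_DIR", dir, sizeof dir) != 0) {
        perror("APP_CACHE_DIR");
        return 1;
    }
    if (!env_path_acceptable(dir)) {
        fprintf(stderr, "APP_CACHE_DIR rejected by path policy\n");
        return 1;
    }
    printf("using cache directory %s\n", dir);
    return 0;
}
```

A lexical check like this does not follow symbolic links, so a file opened under the accepted path still needs its own permission and ownership checks.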
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided