Geek Answers Handbook

Using standard getenv C and safe methods

I am trying to write C code that uses some ENV variables in a UNIX environment. The question arises: could reading variables (for example, getenv ()) cause a buffer overflow? Moreover, how can I find the size limit of an env variable for my platform? For example, what is the header file?

Finally, what are the safest methods for using code in a reading environment supplied by variables?

+8
source share
4 answers

Reading an environment variable using getenv() will not cause a buffer overflow.

On Linux, inherited environment variables and their values ​​are stored in the process address space by the kernel during exec() . The getenv() function simply returns a pointer to this existing data. Since it does not copy any data, the buffer does not exist, and there can be no buffer overflow.

If you try to pass too many environment variables into a new process, exec() will signal an E2BIG error.

Security concerns

Actually, there are no problems with buffer overflows with environment variables.

A security issue is that you do not have to trust the contents of the environment. If your program is running setuid (or setgid, etc.), then the environment is an attack vector. The user can set PATH or LD_PRELOAD or other variables in malicious ways.

However, you rarely have to write setuid programs. This is good because there are so many reasons why it is difficult to make setuid programs safe.

+6
source 
 #include <stdio.h> #include <stdlib.h> int main() { char *hai; printf("The current User name is\n"); hai="USER"; printf("%s\n",getenv(hai)); printf("The current User Directory is\n"); char *hai1="PWD"; printf("%s\n",getenv(hai1)); exit(0); }

This program passes an argument to the getenv () function; its actual means get output

 Output: The current User name is loganaayahee The current User Directory is /home/loganaayahee/AdvanceUnix/ (or)

This is not an environment variable means that the getenv () function returns NULL.

  hai="HELLO"; if(getenv(hai)==NULL) printf("This is not Env\n"); else printf("%s\n",getenv(hai)); Output: This is Not Env
+1
source

Depends on what you mean by "reading." Just calling getenv will not cause any problems. However, if you try to copy the returned string to a buffer, and you do not check the buffer limit, you may get a buffer overflow. The string returned by getenv can be large, with no upper bound, except for the available memory that your system decides to allocate to the environment.

This is nothing more than any other line input you can get - beware of using strcpy and sprintf as they do not check the size of your output buffer.

0
source

You must be careful with the environment, especially if you want to pass it on to child processes. For example, an environment should contain only one value for each variable, but it’s easy to create one containing several, if you delete the first and pass the result, another will be opened. If you want to sanitize an environment for children, create it from scratch and not remove the values ​​from what you have. David Wheeler has a guide to secure programming on Unix / Linux on his site .

0
source

More articles:


All Articles