Security: Environment value has invalid read.

The string may not be allocated.
Check that the string.used is not 0 but if it is then pass an empty string.

diff --git a/level_0/f_environment/c/environment.c b/level_0/f_environment/c/environment.c
index 48346d6572639e6b64f80a3d691e161d1e8f3568..9f77e758a0a640d1278375be9d9910a1ee954a1b 100644 (file)
--- a/level_0/f_environment/c/environment.c
+++ b/level_0/f_environment/c/environment.c
@@ -117,7 +117,7 @@ extern "C" {
       return F_data_not;
     }
 
-    if (setenv(name.string, value.string, replace) < 0) {
+    if (setenv(name.string, value.used ? value.string : "", replace) < 0) {
       if (errno == EINVAL) return F_status_set_error(F_parameter);
       if (errno == ENOMEM) return F_status_set_error(F_memory_not);