From: Kevin Day <thekevinday@gmail.com>
Date: Sat, 9 Jul 2022 16:14:12 +0000 (-0500)
Subject: Security: Environment value has invalid read.
X-Git-Tag: 0.6.0~82
X-Git-Url: https://git.kevux.org/?a=commitdiff_plain;h=15fc9eabc696b6bc427d8dcef4c39c82d0b14a2e;p=fll

Security: Environment value has invalid read.

The string may not be allocated.
Check that the string.used is not 0 but if it is then pass an empty string.
---

diff --git a/level_0/f_environment/c/environment.c b/level_0/f_environment/c/environment.c
index 48346d6..9f77e75 100644
--- a/level_0/f_environment/c/environment.c
+++ b/level_0/f_environment/c/environment.c
@@ -117,7 +117,7 @@ extern "C" {
       return F_data_not;
     }
 
-    if (setenv(name.string, value.string, replace) < 0) {
+    if (setenv(name.string, value.used ? value.string : "", replace) < 0) {
       if (errno == EINVAL) return F_status_set_error(F_parameter);
       if (errno == ENOMEM) return F_status_set_error(F_memory_not);