tainted string: maybe strdup () helps us out

2025-01-21 14:17:27 +01:00 · 2017-02-15 13:57:07 +01:00 · 2017-02-15 13:57:07 +01:00 · 0ca0448bd9
commit 0ca0448bd9
parent add3ec6f54
1 changed files with 6 additions and 0 deletions
--- a/src/shared.c
+++ b/src/shared.c
@ -256,6 +256,10 @@ void setup_environment_variables ()

  if (compute)
  {
+    // fix for coverity "TAINTED_STRING" issue (using the environment variable directly could be "dangerous")
+
+    compute = strdup (compute);
+
    static char display[100];

    u32 compute_len_max = sizeof (display);
@ -273,6 +277,8 @@ void setup_environment_variables ()
        putenv (display);
      }
    }
+
+    free (compute);
  }
  else
  {