alpine 3.7
buffer weakness #4

5

Weakness Breakdown


Definition:

Buffer overflows are one of the most well-known software vulnerabilities. Even though most developers know what buffer overflows are, attacks against the vulnerabilities are common in both legacy and newer applications. A classic buffer overflow exploit begins with the attacker sending data to a program, which it then stores in an undersized stack buffer. Besides stack buffer overflows, other kinds of buffer overflows include heap overflows, off-by-one errors and many others. Learn more about buffer overflows on OWASP attack index.

Warning code(s):

Easily used incorrectly.

File Name:

dnsmasq/src/dnsmasq-2.78/src/domain.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.7 buffer weakness.

     }
  
  return 0;
}


int is_rev_synth(int flag, struct all_addr *addr, char *name)
{
   struct cond_domain *c;

   if (flag & F_IPV4 && (c = search_domain(addr->addr.addr4, daemon->synth_domains))) 
     {
       char *p;
       
       *name = 0;
       if (c->prefix)
	 strncpy(name, c->prefix, MAXDNAME - ADDRSTRLEN);
       
       inet_ntop(AF_INET, &addr->addr.addr4, name + strlen(name), ADDRSTRLEN);
       for (p = name; *p; p++)
	 if (*p == '.')
	   *p = '-';

       strncat(name, ".", MAXDNAME);
       strncat(name, c->domain, MAXDNAME);

       return 1;
     }

#ifdef HAVE_IPV6
   if (flag & F_IPV6 && (c = search_domain6(&addr->addr.addr6, daemon->synth_domains))) 
     {
       char *p;
       
       *name = 0;
       if (c->prefix)
	 strncpy(name, c->prefix, MAXDNAME - ADDRSTRLEN);
       
       inet_ntop(AF_INET6, &addr->addr.addr6, name + strlen(name), ADDRSTRLEN);

       /* IPv6 presentation address can start with ":", but valid domain names
	  cannot start with "-" so prepend a zero in that case. */
       if (!c->prefix && *name == ':')
	 {
	   *name = '0';
	   inet_ntop(AF_INET6, &addr->addr.addr6, name+1, ADDRSTRLEN);
	 }

       /* V4-mapped have periods.... */
       for (p = name; *p; p++) 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.