alpine 3.8
buffer weakness #10

5

Weakness Breakdown


Definition:

Buffer overflows are one of the most well-known software vulnerabilities. Even though most developers know what buffer overflows are, attacks against the vulnerabilities are common in both legacy and newer applications. A classic buffer overflow exploit begins with the attacker sending data to a program, which it then stores in an undersized stack buffer. Besides stack buffer overflows, other kinds of buffer overflows include heap overflows, off-by-one errors and many others. Learn more about buffer overflows on OWASP attack index.

Warning code(s):

Does not check for buffer overflows.

File Name:

hylafaxplus/src/hylafax-7.0.0/util/JobExt.c++

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.8 buffer weakness.

  * IN NO EVENT SHALL SAM LEFFLER OR SILICON GRAPHICS BE LIABLE FOR
 * ANY SPECIAL, INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND,
 * OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
 * WHETHER OR NOT ADVISED OF THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF 
 * LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE 
 * OF THIS SOFTWARE.
 */
#include "JobExt.h"

JobExt::JobExt() {}
JobExt::~JobExt() {}

inline void
gets(fxStr& s, const char*& cp)
{
    s = cp;
    cp += s.length()+1;
}

const char*
JobExt::decode(const char* cp)
{
    memcpy(&tts, cp, sizeof (JobExtFixed)), cp += sizeof (JobExtFixed);

    gets(jobid, cp);
    gets(dest, cp);
    gets(device, cp);
    gets(commid, cp);
    return (cp);
} 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.