alpine 3.9
buffer weakness #31


Weakness Breakdown


Buffer overflows are one of the most well-known software vulnerabilities. Even though most developers know what buffer overflows are, attacks against the vulnerabilities are common in both legacy and newer applications. A classic buffer overflow exploit begins with the attacker sending data to a program, which it then stores in an undersized stack buffer. Besides stack buffer overflows, other kinds of buffer overflows include heap overflows, off-by-one errors and many others. Learn more about buffer overflows on OWASP attack index.

Warning code(s):

Easily used incorrectly.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.9 buffer weakness.


struct usb_device *ausb_libusb0_get_usbdev(const rsct_usbdev_t *d) {
  struct usb_bus *busses, *bus;
  struct usb_device *dev;
  char tname[PATH_MAX+1];
  char filename[PATH_MAX+1];
  int nlen;


  snprintf(tname, PATH_MAX, "%03d/%03d",
	   d->busId, d->busPos);

  busses = usb_get_busses();

  for (bus = busses; bus; bus = bus->next) {
    for (dev = bus->devices; dev; dev = dev->next) {
      int flen;

      strncpy(filename, bus->dirname, PATH_MAX );
      strncat(filename, "/", PATH_MAX );
      strncat(filename, dev->filename, PATH_MAX );
      if (flen>=nlen) {
	if (strncmp(filename+(flen-nlen), tname, nlen)==0) {
	  if (dev->descriptor.idVendor == AUSB_CYBERJACK_VENDOR_ID)
	    return dev;
	  else {
	    fprintf(stderr, "RSCT: Device at %s is not a cyberjack\n", filename);
	    return NULL;
  return NULL;


The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.