alpine 3.9
format weakness #24


Weakness Breakdown


A format string exploit occurs when the data of an input string is evaluated as a command by the program. This class of attacks is very similar to buffer overflows since an attacker could execute code, read the stack or cause new behaviors that compromise security. Learn more about format string attacks on OWASP attack index.

Warning code(s):

Potential format string problem.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.9 format weakness.

		// type
		switch (m_ps->m_tabStops[i].m_alignment)
		case RIGHT:
			tmpTabStop.insert("style:type", "right");
		case CENTER:
			tmpTabStop.insert("style:type", "center");
		case DECIMAL:
			tmpTabStop.insert("style:type", "char");
			tmpTabStop.insert("style:char", "."); // Assume a decimal point for now
		case LEFT:
		case BAR:
		default:  // Left alignment is the default and BAR is not handled in OOo

		// leader character
		if (m_ps->m_tabStops[i].m_leaderCharacter != 0x0000)
			librevenge::RVNGString sLeader;
			sLeader.sprintf("%c", m_ps->m_tabStops[i].m_leaderCharacter);
			tmpTabStop.insert("style:leader-text", sLeader);
			tmpTabStop.insert("style:leader-style", "solid");

		// position
		double position = m_ps->m_tabStops[i].m_position;
		if (m_ps->m_isTabPositionRelative)
			position -= m_ps->m_leftMarginByTabs;
			position -= m_ps->m_paragraphMarginLeft + m_ps->m_sectionMarginLeft + m_ps->m_pageMarginLeft;
		if (position < 0.00005f && position > -0.00005f)
			position = 0.0;
		tmpTabStop.insert("style:position", position);

		/* TODO: fix situations where we have several columns or are inside a table and the tab stop
		 *       positions are absolute (relative to the paper edge). In this case, they have to be
		 *       computed for each column or each cell in table. (Fridrich) */

void WPXContentListener::_closeParagraph()
	if (m_ps->m_isParagraphOpened) 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.