fedora 24
buffer weakness #38


Weakness Breakdown


Buffer overflows are one of the most well-known software vulnerabilities. Even though most developers know what buffer overflows are, attacks against the vulnerabilities are common in both legacy and newer applications. A classic buffer overflow exploit begins with the attacker sending data to a program, which it then stores in an undersized stack buffer. Besides stack buffer overflows, other kinds of buffer overflows include heap overflows, off-by-one errors and many others. Learn more about buffer overflows on OWASP attack index.

Warning code(s):

Does not check for buffer overflows.

File Name:



The highlighted line of code below is the trigger point of this particular Fedora 24 buffer weakness.

 	 strcat(data, "\\bin\\vcvars32.bat");

	 if (access(data, 4) == 0) {
	    printf("Found %s\n", data);

      data[0] = 0;

   /* oh dear, have to ask the user where they put it */
   if (!data[0]) {
      printf("\n  Unable to find MSVC ProductDir information in your registry!\n\n");
      printf("  To install Allegro, I need to know the path where your compiler is\n");
      printf("  installed. Somewhere in your MSVC installation directory there will\n");
      printf("  be a file called vcvars32.bat, which contains this information.\n");
      printf("  Please enter the full path to where I can find that file, for example\n");
      printf("  c:\\Program Files\\Microsoft Visual Studio\\VC98\\bin\\vcvars32.bat\n");

      for (;;) {
	 printf("\n> ");

	 if (gets(data)) {
	    i = strlen(data) - 12;
	    if (i < 0)
	       i = 0;

	    if (stricmp(data+i, "vcvars32.bat") != 0)
	       printf("\nError: that path doesn't end in vcvars32.bat!\n");
	    else if (access(data, 4) != 0)
	       printf("\nError: can't find a vcvars32.bat file there!\n");
	    else {
	       printf("\nUsing %s\n", data);

	 data[0] = 0;

   /* put it in the environment */
   strcpy(name, "VCVARS=");
   strcat(name, data);


The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.