fedora 24
buffer weakness #33


Weakness Breakdown


Buffer overflows are one of the most well-known software vulnerabilities. Even though most developers know what buffer overflows are, attacks against the vulnerabilities are common in both legacy and newer applications. A classic buffer overflow exploit begins with the attacker sending data to a program, which it then stores in an undersized stack buffer. Besides stack buffer overflows, other kinds of buffer overflows include heap overflows, off-by-one errors and many others. Learn more about buffer overflows on OWASP attack index.

Warning code(s):

Easily used incorrectly.

File Name:



The highlighted line of code below is the trigger point of this particular Fedora 24 buffer weakness.

       _al_sane_strncpy(output, info.name, size);
   else {
      _al_sane_strncpy(output, EXE_NAME_UNKNOWN, size);

   output[size-1] = '\0';

/* system_thread:
static int32 system_thread(void *data)

   if (_be_allegro_app == NULL) {
      char sig[MAXPATHLEN] = "application/x-vnd.Allegro-";
      char exe[MAXPATHLEN];
      char *term, *p;

      _be_sys_get_executable_name(exe, sizeof(exe));

      strncat(sig, get_filename(exe), sizeof(sig)-1);
      sig[sizeof(sig)-1] = '\0';

      _be_allegro_app = new BeAllegroApp(sig);

      using_custom_allegro_app = false;

      term = getenv("TERM");
      if (!strcmp(term, "dumb")) {
         /* The TERM environmental variable is set to "dumb" if the app was
          * not started from a terminal.
         p = &exe[strlen(exe) - 1];
         while (*p != '/') p--;
         *(p + 1) = '\0';
         _al_sane_strncpy(app_path, exe, MAXPATHLEN);
   else {
      using_custom_allegro_app = true;


   /* XXX commented out due to conflicting TRACE in Haiku
   TRACE(PREFIX_I "system thread exited\n"); 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.