alpine 3.6
buffer weakness #134


Weakness Breakdown


Buffer overflows are one of the most well-known software vulnerabilities. Even though most developers know what buffer overflows are, attacks against these vulnerabilities remain common in both legacy and newer applications. A classic buffer overflow exploit begins with the attacker sending data to a program, which then stores it in an undersized stack buffer. Besides stack buffer overflows, other kinds of buffer overflows include heap overflows, off-by-one errors and many others. Learn more about buffer overflows on the OWASP attack index.

Warning code(s):

Easily used incorrectly.

File Name:



The highlighted line of code below is the trigger point of this particular Alpine 3.6 buffer weakness.

  /* Flagged call: strncpy does not NUL-terminate when the source fills the
   * destination, so the explicit termination further down is essential. */
  strncpy (exportname, outname, PATH_MAX - sizeof(filenum));
  if (*tiffout == NULL)   /* This is a new export file */
    {
    if (autoindex)
      { /* create a new filename for each export */
      if ((sep = strstr(exportname, ".tif")) || (sep = strstr(exportname, ".TIF")))
        {
        strncpy (export_ext, sep, 5);
        *sep = '\0';
        }
      else
        strncpy (export_ext, ".tiff", 5);
      export_ext[5] = '\0';

      /* MAX_EXPORT_PAGES limited to 6 digits to prevent string overflow of pathname */
      if (findex > MAX_EXPORT_PAGES)
        {
        TIFFError("update_output_file", "Maximum of %d pages per file exceeded", MAX_EXPORT_PAGES);
        return 1;
        }

      snprintf(filenum, sizeof(filenum), "-%03d%.5s", findex, export_ext);
      filenum[sizeof(filenum)-1] = '\0';
      strncat (exportname, filenum, sizeof(filenum)-1);
      }
    /* Force termination in case strncpy above filled the buffer */
    exportname[PATH_MAX - 1] = '\0';

    *tiffout = TIFFOpen(exportname, mode);
    if (*tiffout == NULL)
      {
      TIFFError("update_output_file", "Unable to open output file %s", exportname);
      return 1;
      }
    *page = 0;

    return 0;
    }

  return 0;
  } /* end update_output_file */

main(int argc, char* argv[])

