PROBLEM
Let's start off simple, can you overflow the right buffer in this program to get the flag? You can also find it in /problems/buffer-overflow-0_0_6461b382721ccca2318b1d981d363924 on the shell server. Source.
HINT How can you trigger the flag to print?
If you try to do the math by hand, maybe try and add a few more characters. Sometimes there are things you aren't expecting.
SOLUTION
You can see from the source that this program takes an input without actually checking for the size of the input so if we exceed the input size for the 16, which is the expected length of char buf we'll have ourself an overflow.
Just do
./vuln aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
FLAG - picoCTF{ov3rfl0ws_ar3nt_that_bad_a54b012c}