Slashdot Mirror

← Back to Stories (view on slashdot.org)

33-Year-Old Unix Bug Fixed In OpenBSD

Posted by kdawson on from the yet-another-stack-overflow dept.

Ste sends along the cheery little story of Otto Moerbeek, one of the OpenBSD developers, who recently found and fixed a 33-year-old buffer overflow bug in Yacc. "But if the stack is at maximum size, this will overflow if an entry on the stack is larger than the 16 bytes leeway my malloc allows. In the case of of C++ it is 24 bytes, so a SEGV occurred. Funny thing is that I traced this back to Sixth Edition UNIX, released in 1975."

6 of 162 comments (clear)

  1. Time to patch by Anonymous Coward · · Score: 5, Funny

    Wouldn't want to let anyone take over your system with yacc. Seriously.

    1. Re:Time to patch by slew · · Score: 5, Funny

      Wouldn't want to let anyone take over your system with yacc. Seriously.

      But ./ is already taken over with yak. Seriously.

  2. Re:Great! by The+Master+Control+P · · Score: 5, Funny

    I too was devastated to learn that my poor Linux box can only handle 128KB of command line arguments. How can I possibly finish typing in that uncompressed bitmap...

  3. Re:bad omen by exley · · Score: 5, Funny

    a 33 year old bug, plus a 25 year old bug (http://it.slashdot.org/article.pl?sid=08/05/11/1339228)....

    if we keep going backwards, will the world implode?

    Well since time began only 38.5 years ago we should find out the answer very soon!

  4. Re:Was it really a bug back then? by russlar · · Score: 5, Funny

    If you overflow a buffer then it's a bug, whether it is exploitable or not.

    If you can overflow an exabyte-sized memory buffer, you deserve a fucking medal.

    --
    Anybody want my mod points?
  5. Hilarious! by BollocksToThis · · Score: 5, Funny

    Funny thing is that I traced this back to Sixth Edition UNIX, released in 1975

    My sides are completely split! Invite this guy to more parties.

    --
    This sig is part of your complete breakfast.