33-Year-Old Unix Bug Fixed In OpenBSD

← Back to Stories (view on slashdot.org)

33-Year-Old Unix Bug Fixed In OpenBSD

Posted by kdawson on Tuesday July 8, 2008 @12:10PM from the yet-another-stack-overflow dept.

Ste sends along the cheery little story of Otto Moerbeek, one of the OpenBSD developers, who recently found and fixed a 33-year-old buffer overflow bug in Yacc. "But if the stack is at maximum size, this will overflow if an entry on the stack is larger than the 16 bytes leeway my malloc allows. In the case of of C++ it is 24 bytes, so a SEGV occurred. Funny thing is that I traced this back to Sixth Edition UNIX, released in 1975."

9 of 162 comments (clear)

Min score:

Reason:

Sort:

Time to patch by Anonymous Coward · 2008-07-08 12:12 · Score: 5, Funny

Wouldn't want to let anyone take over your system with yacc. Seriously.
1. Re:Time to patch by slew · 2008-07-08 12:15 · Score: 5, Funny
  
  Wouldn't want to let anyone take over your system with yacc. Seriously.
  But ./ is already taken over with yak. Seriously.
Great! by Anonymous Coward · 2008-07-08 12:18 · Score: 5, Interesting

Any word on when they're going to fix the even older "Too many arguments" bug?
Sorry, but any modern system where a command like "ls a*" may or may not work, based exclusively on the number of files in the directory, is broken.
1. Re:Great! by The+Master+Control+P · 2008-07-08 12:39 · Score: 5, Funny
  
  I too was devastated to learn that my poor Linux box can only handle 128KB of command line arguments. How can I possibly finish typing in that uncompressed bitmap...
Re:bad omen by exley · 2008-07-08 12:41 · Score: 5, Funny

a 33 year old bug, plus a 25 year old bug (http://it.slashdot.org/article.pl?sid=08/05/11/1339228)....
if we keep going backwards, will the world implode?
Well since time began only 38.5 years ago we should find out the answer very soon!
Re:Other Unixes by X0563511 · 2008-07-08 13:19 · Score: 5, Informative

Yes. But OpenBSD fixed it, so they get credit for the fix. It's up to the maintainers of the other unix(ish) versions to implement the fix.

--
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
Re:Was it really a bug back then? by QuantumG · 2008-07-08 13:43 · Score: 5, Insightful

If you overflow a buffer then it's a bug, whether it is exploitable or not.

--
How we know is more important than what we know.
Re:Was it really a bug back then? by russlar · 2008-07-08 14:18 · Score: 5, Funny

If you overflow a buffer then it's a bug, whether it is exploitable or not.
If you can overflow an exabyte-sized memory buffer, you deserve a fucking medal.

--
Anybody want my mod points?
Hilarious! by BollocksToThis · 2008-07-08 17:06 · Score: 5, Funny

Funny thing is that I traced this back to Sixth Edition UNIX, released in 1975
My sides are completely split! Invite this guy to more parties.

--
This sig is part of your complete breakfast.