An ancient (at least 33 years old) stack-overflow bug has been discovered and fixed in yacc, thanks to a new malloc() implementation by Otto Moerbeek. More info and a complete description of the bug can be found here.
Post a Comment
Member since:
2007-05-12
Member since:2005-12-15
Member since:2007-05-12
It's great that in the course of improving the OS itself, a bug elsewhere was found and fixed.
Given that the bug was in *yacc* (not in OpenBSD itself), it's not surprising that it remained for so long. This fix deserves credit in that even though the bug was outside OpenBSD, it was still fixed when found (not left for someone else to do).
Put it this way - Microsoft have been around for decades too, but despite their tens of billions of dollars (and thousands of programmers), they still haven't come up with an OS that is anywhere near as secure and robust as OpenBSD. Heck, they couldn't even come up with a firewall as good as *pf* 
Edited 2008-07-11 03:57 UTC
Member since:2005-08-10
"Edit: It seems that yacc is not technicly a part of OpenBSD so I guess that's why it wasn't discovered sooner."
It wasn't discovered sooner because it was obscure, not because it wasn't a part of OpenBSD. The new malloc implementation made the broken code fail reliably so it could be tracked down and fixed.
Please, read articles before you comment on them ;^)
Member since:
2006-09-06
Member since:
2005-07-12
A pre-historic bug, at least with 4500 years was found in the Great Pyramid of Giza. The issue involves the security mechanism of opening a Stargate from another universe.
It's in current analysis if this behaviour was due to another change in the OpenBSD kernel code or if it was present all the time. If so, it's OpenBSD fault for planet Earth been invaded by aliens.
