Linked by David Adams on Fri 11th Jul 2008 01:55 UTC, submitted by ohxten
BSD and Darwin derivatives An ancient (at least 33 years old) stack-overflow bug has been discovered and fixed in yacc, thanks to a new malloc() implementation by Otto Moerbeek. More info and a complete description of the bug can be found here.
Order by: Score:
Great!
by obsidian on Fri 11th Jul 2008 03:28 UTC
obsidian
Member since:
2007-05-12

Good ol' OpenBSD - outstanding, as always!

Reply Score: 7

RE: Great!
by flanque on Fri 11th Jul 2008 03:42 UTC in reply to "Great! "
flanque Member since:
2005-12-15

It's great it took 33 years?

Maybe from Microsoft, but BSD..

Reply Score: 0

RE[2]: Great!
by obsidian on Fri 11th Jul 2008 03:56 UTC in reply to "RE: Great! "
obsidian Member since:
2007-05-12

It's great that in the course of improving the OS itself, a bug elsewhere was found and fixed.

Given that the bug was in *yacc* (not in OpenBSD itself), it's not surprising that it remained for so long. This fix deserves credit in that even though the bug was outside OpenBSD, it was still fixed when found (not left for someone else to do).

Put it this way - Microsoft have been around for decades too, but despite their tens of billions of dollars (and thousands of programmers), they still haven't come up with an OS that is anywhere near as secure and robust as OpenBSD. Heck, they couldn't even come up with a firewall as good as *pf* ;)

Edited 2008-07-11 03:57 UTC

Reply Score: 5

v Oh my god
by AnXa on Fri 11th Jul 2008 04:57 UTC
RE: Oh my god
by Lazarus on Fri 11th Jul 2008 06:09 UTC in reply to "Oh my god"
Lazarus Member since:
2005-08-10

"Edit: It seems that yacc is not technicly a part of OpenBSD so I guess that's why it wasn't discovered sooner."

It wasn't discovered sooner because it was obscure, not because it wasn't a part of OpenBSD. The new malloc implementation made the broken code fail reliably so it could be tracked down and fixed.

Please, read articles before you comment on them ;^)

Reply Score: 6

Comment by defdog99
by defdog99 on Fri 11th Jul 2008 16:07 UTC
defdog99
Member since:
2006-09-06

So tools like valgrind and Parasoft's Insure++ weren't able to catch this ?

Edited 2008-07-11 16:07 UTC

Reply Score: 1

v JSenior Match
by kikiloveu2 on Fri 11th Jul 2008 16:07 UTC
Soon on the news
by magico on Fri 11th Jul 2008 19:43 UTC
magico
Member since:
2005-07-12

A pre-historic bug, at least with 4500 years was found in the Great Pyramid of Giza. The issue involves the security mechanism of opening a Stargate from another universe.

It's in current analysis if this behaviour was due to another change in the OpenBSD kernel code or if it was present all the time. If so, it's OpenBSD fault for planet Earth been invaded by aliens.

Reply Score: 3