Linked by David Adams on Fri 11th Jul 2008 01:55 UTC, submitted by ohxten
BSD and Darwin derivatives An ancient (at least 33 years old) stack-overflow bug has been discovered and fixed in yacc, thanks to a new malloc() implementation by Otto Moerbeek. More info and a complete description of the bug can be found here.
Thread beginning with comment 322433
To read all comments associated with this story, please click here.
Oh my god
by AnXa on Fri 11th Jul 2008 04:57 UTC
AnXa
Member since:
2008-02-10

How did I miss this? 33 years of old bug in BSD? And not just in "AnyBSD" but in OpenBSD. WTF?!? It's supposed to be most secure operating system in the known universe. :E

Edit: It seems that yacc is not technicly a part of OpenBSD so I guess that's why it wasn't discovered sooner.

Edited 2008-07-11 04:59 UTC

Reply Score: -1

RE: Oh my god
by Lazarus on Fri 11th Jul 2008 06:09 in reply to "Oh my god"
Lazarus Member since:
2005-08-10

"Edit: It seems that yacc is not technicly a part of OpenBSD so I guess that's why it wasn't discovered sooner."

It wasn't discovered sooner because it was obscure, not because it wasn't a part of OpenBSD. The new malloc implementation made the broken code fail reliably so it could be tracked down and fixed.

Please, read articles before you comment on them ;^)

Reply Parent Score: 6