Home > BSD & Darwin > New malloc() Implementation Fixes Ancient Bug in yacc New malloc() Implementation Fixes Ancient Bug in yacc Submitted by ohxten 2008-07-11 BSD & Darwin 8 Comments An ancient (at least 33 years old) stack-overflow bug has been discovered and fixed in yacc, thanks to a new malloc() implementation by Otto Moerbeek. More info and a complete description of the bug can be found here. About The Author David Adams Follow me on Twitter @david_adams 8 Comments 2008-07-11 3:28 am obsidian Good ol’ OpenBSD – outstanding, as always! 2008-07-11 3:42 am flanque It’s great it took 33 years? Maybe from Microsoft, but BSD.. 2008-07-11 3:56 am obsidian It’s great that in the course of improving the OS itself, a bug elsewhere was found and fixed. Given that the bug was in *yacc* (not in OpenBSD itself), it’s not surprising that it remained for so long. This fix deserves credit in that even though the bug was outside OpenBSD, it was still fixed when found (not left for someone else to do). Put it this way – Microsoft have been around for decades too, but despite their tens of billions of dollars (and thousands of programmers), they still haven’t come up with an OS that is anywhere near as secure and robust as OpenBSD. Heck, they couldn’t even come up with a firewall as good as *pf* Edited 2008-07-11 03:57 UTC 2008-07-11 4:57 am AnXa How did I miss this? 33 years of old bug in BSD? And not just in “AnyBSD” but in OpenBSD. WTF?!? It’s supposed to be most secure operating system in the known universe. :E Edit: It seems that yacc is not technicly a part of OpenBSD so I guess that’s why it wasn’t discovered sooner. Edited 2008-07-11 04:59 UTC 2008-07-11 6:09 am Lazarus “Edit: It seems that yacc is not technicly a part of OpenBSD so I guess that’s why it wasn’t discovered sooner.” It wasn’t discovered sooner because it was obscure, not because it wasn’t a part of OpenBSD. The new malloc implementation made the broken code fail reliably so it could be tracked down and fixed. Please, read articles before you comment on them ;^) 2008-07-11 4:07 pm defdog99 So tools like valgrind and Parasoft’s Insure++ weren’t able to catch this ? Edited 2008-07-11 16:07 UTC 2008-07-11 4:07 pm kikiloveu2 Sons of family should pay more attentions to your fathers and mothers. They are feeling lonely on their ages now. Some seniors are finding their new funny talking at a boomer match site named ***JSenior Match . co M*** . Let them post their profiles there and help them find a soul mate. 2008-07-11 7:43 pm magico A pre-historic bug, at least with 4500 years was found in the Great Pyramid of Giza. The issue involves the security mechanism of opening a Stargate from another universe. It’s in current analysis if this behaviour was due to another change in the OpenBSD kernel code or if it was present all the time. If so, it’s OpenBSD fault for planet Earth been invaded by aliens.