Earlier, in May, a 25-year-old flaw was discovered as well

Jul 10, 2008 15:49 GMT  ·  By

BSD is short for Berkeley Software Distribution, and OpenBSD, as the name suggests, is an open-source operating system very similar to Unix. The flaw was discovered by Otto Moerbeek, who works as an OpenBSD developer, and it appears to date from 1975. This is not the first time that researchers have come across such ancient flaws: one dating from 1983 was discovered a couple of months back.

There are several variants of BSD out there, such as OpenBSD, FreeBSD and NetBSD, and together they form the basis of the operating system used by Mac OS X.

Otto Moerbeek comments: "But if the stack is at maximum size, this will overflow if an entry on the stack is larger than the 16 bytes leeway my malloc allows. In the case of C++ it is 24 bytes, so a SEGV occurred. Funny thing is that I traced this back to Sixth Edition UNIX, released in 1975."

Malloc is a general-purpose memory allocator, and if Otto had not been testing it, the flaw would have remained hidden. The flaw appears to be in yacc, a parser generator that Stephen C. Johnson came up with way back in the day. The AT&T researcher developed yacc in the 70s, and it has been a part of Unix ever since.

Moerbeek not only discovered the flaw, but also came up with a fix and made it available to the general public.

The other OpenBSD flaw, the 25-year-old one I briefly mentioned above, was discovered by Marc Balmer from Sweden in May 2008, and it seems to affect all variants of BSD out there, even Mac OS X.

Marc Balmer commented at the time: "This code will not work as expected when seeking to the second entry of a block where the first has been deleted: seekdir() calls readdir(), which happily skips the first entry (it has inode set to zero) and advances to the second entry. When the user now calls readdir() to read the directory entry to which he just seekdir()ed, he does not get the second entry but the third."
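To make the seekdir()/readdir() interaction Balmer describes concrete, here is an added example, not code from the article or from the BSD libc: it models one directory block in memory with constructed entries (the first slot deleted, inode zero) and shows the buggy repositioning beside a corrected one. The names readdir_model, seekdir_buggy, seekdir_fixed and seek_then_read are invented for the illustration, and a slot index stands in for the byte offset within the block.

```c
#include <string.h>

/* Constructed model of one directory block (not the BSD libc code).
 * d_ino == 0 marks a slot whose file was deleted; readdir() skips it.
 * loc is a slot index standing in for the byte offset within the block. */
struct dirent_model { unsigned d_ino; const char *d_name; };

#define NENT 4
static const struct dirent_model block[NENT] = {
    { 0, "deleted" },   /* first entry unlinked: inode set to zero */
    { 11, "second" },
    { 12, "third" },
    { 13, "fourth" },
};

struct dir_model { int loc; };  /* position of the next slot to read */

/* readdir(): return the next live entry, silently skipping deleted slots. */
static const struct dirent_model *readdir_model(struct dir_model *d) {
    while (d->loc < NENT) {
        const struct dirent_model *e = &block[d->loc++];
        if (e->d_ino != 0)
            return e;
    }
    return NULL;
}

/* Buggy seekdir() as quoted above: it repositions by calling readdir(),
 * which skips slot 0 and lands one entry past the requested position. */
static void seekdir_buggy(struct dir_model *d, int loc) {
    d->loc = 0;
    while (d->loc < loc)
        if (readdir_model(d) == NULL) break;
}

/* Fixed seekdir(): walk raw slots to the offset without consulting d_ino,
 * so deleted entries are not skipped while repositioning. */
static void seekdir_fixed(struct dir_model *d, int loc) {
    d->loc = 0;
    while (d->loc < loc && d->loc < NENT)
        d->loc++;
}

/* Seek to slot `loc`, then read once; returns the entry name or NULL. */
const char *seek_then_read(int loc, int use_fix) {
    struct dir_model d = { 0 };
    if (use_fix) seekdir_fixed(&d, loc); else seekdir_buggy(&d, loc);
    const struct dirent_model *e = readdir_model(&d);
    return e ? e->d_name : NULL;
}
```

Seeking to slot 1 right after the deleted entry is exactly the case Balmer describes: the buggy path returns "third", the fixed path "second".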