oldest bug in the world ?
roger willcocks
rkww at crosfield.co.uk
Tue Mar 5 01:38:58 AEST 1991
historical exercise: how long has the following bug been in the Bourne
shell ? It exists in both SVR2 (Uniplus) and SVR3 (MIPS risc/os 4.0),
and causes 'sh' to (essentially unpredictably) dump core.

In the file blok.c, function 'alloc' (#defined to be malloc) actually
returns a block of memory BYTESPERWORD too short. The last few bytes
contain a live linkword for the storage allocator.

Somebody obviously knew this at one time, because a couple of places
call 'alloc(xxx + BYTESPERWORD)'. But most places don't.

How has it worked for so long ? Or have I missed something obvious ?
--
Roger Willcocks "if it all worked we wouldn't have a job"
Crosfield Electronics Ltd [ any opinions expressed here are my own; ]
Hemel Hempstead, England [ CEL may disagree with any or all of them ]
+44 442 230000 rkww at cel.co.uk mcsun!cel!rkww at uunet.uu.net
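
The failure mode described in the message above, as a constructed C model added here; it is not the Bourne shell's blok.c and not code from the post. The names `toy_alloc`, `heap_ok` and `fill_and_check`, the index-based link words and the arena size are assumptions; only BYTESPERWORD and the `alloc(xxx + BYTESPERWORD)` pattern come from the message.

```c
#include <stdio.h>
#include <string.h>

#define WORD   sizeof(size_t)   /* stands in for BYTESPERWORD */
#define NWORDS 64               /* toy arena size, in words (assumption) */
static size_t arena[NWORDS];    /* each block: one link word, then data */
static size_t top;              /* index of the next free link word */

static void heap_reset(void) {
    memset(arena, 0, sizeof arena);
    top = 0;
    arena[0] = NWORDS;          /* a single free block running to the end */
}

/* extra = 0 models the short block; extra = 1 reserves the link word,
   like the callers that pass xxx + BYTESPERWORD. */
static void *toy_alloc(size_t nbytes, size_t extra) {
    size_t words = (nbytes + WORD - 1) / WORD + extra;
    if (words == 0 || top + words >= NWORDS) return NULL;
    size_t self = top;
    top += words;
    arena[self] = top;          /* link word: index of the next block */
    arena[top] = NWORDS;        /* link word of the free tail */
    return &arena[self + 1];    /* caller's data follows the link word */
}

/* Heap walk: every link must point strictly forward and stay in range. */
static int heap_ok(void) {
    for (size_t i = 0; i < NWORDS; i = arena[i])
        if (arena[i] <= i || arena[i] > NWORDS) return 0;
    return 1;
}

/* Allocate two 3-word blocks, write `used` bytes into the first, walk. */
static int fill_and_check(size_t extra, size_t used) {
    heap_reset();
    void *a = toy_alloc(3 * WORD, extra);
    void *b = toy_alloc(3 * WORD, extra);
    if (!a || !b) return -1;
    memset(a, 0xFF, used);      /* stays inside what the caller asked for */
    return heap_ok();
}

int main(void) {
    printf("short block, full write:    %d\n", fill_and_check(0, 3 * WORD));
    printf("short block, partial write: %d\n", fill_and_check(0, 2 * WORD));
    printf("padded block, full write:   %d\n", fill_and_check(1, 3 * WORD));
    return 0;
}
```

In this model the short block breaks the link chain only when the caller writes the last word it requested, so a partial write leaves the heap walkable. A walk like `heap_ok` run after each allocation or write flags the corruption at the point it happens rather than at a later crash.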