[TUHS] Buffer overflow found/fixed in v4 tape ;)

Douglas McIlroy via TUHS tuhs at tuhs.org
Tue Jan 6 01:19:52 AEST 2026


So somebody spotted a buffer overflow in v4.5, ironically in su.

Overflowable buffers were common in those days. It was all too easy
when programming to shrug one's shoulders and opine that nobody would
ever want to input a 200-character line, say, so why bother writing
the extra code to catch it? We did gradually learn that automatically
generated input lines--particularly lines of code--could be much
longer than any person would write, so buffer overflows that actually
happened gradually got fixed.

Dennis once fed a couple-of-thousand-byte line on standard input to
everything in /bin. Crashes abounded, but so what? Wasn't a crash just
an ungraceful way for a program to say "I can't handle this"? Not
until the Morris worm (1988) did folks wake up to the real danger of
overflows.

Sometime after Dennis's casual experiment, a paper that announced the
same results got the reaction, "So what else is new?" from the Unix
room. It would be interesting to find the paper and compare its
"shocked, shocked" presentation to that of the rediscovery posted on
the cryptography mailing list.

Doug
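As an added illustration of the failure mode described above (this is not code from the post, from su, or from any Unix release): a small C program that reads lines into a deliberately small fixed buffer the safe way. Instead of copying bytes until a newline and trusting that the line fits, which is the historical pattern that overflowed, `next_line` refuses any line that will not fit with its terminator, skips past it, and reports `LINE_TOO_LONG` so the program can say "I can't handle this" gracefully. `scan_stream` replays Dennis's experiment on a constructed in-memory stream containing a couple-of-thousand-byte line; all function names, the `LINE_CAP` size and the sample input are this example's own assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Deliberately small fixed line buffer, in the spirit of programs that
 * assumed nobody would ever type a 200-character line. (Assumed size.) */
#define LINE_CAP 128

enum line_status { LINE_OK, LINE_EOF, LINE_TOO_LONG };

/* Copy the next line of [*cur, end) into buf (capacity cap), never writing
 * past buf[cap - 1]. The historical bug was the unbounded form of this
 * routine: copy bytes until '\n' and trust that the line fits. Here a line
 * that would not fit together with its NUL terminator is skipped in full
 * and LINE_TOO_LONG is returned, so the caller can report it rather than
 * crash or corrupt memory. */
enum line_status next_line(const char **cur, const char *end,
                           char *buf, size_t cap)
{
    const char *p = *cur;
    if (cap == 0) return LINE_TOO_LONG;
    if (p >= end) { buf[0] = '\0'; return LINE_EOF; }

    const char *nl = memchr(p, '\n', (size_t)(end - p));
    size_t len = nl ? (size_t)(nl - p) : (size_t)(end - p);
    *cur = nl ? nl + 1 : end;            /* always advance past the whole line */

    if (len >= cap) {                    /* no room for len bytes plus NUL */
        buf[0] = '\0';
        return LINE_TOO_LONG;
    }
    memcpy(buf, p, len);
    buf[len] = '\0';
    return LINE_OK;
}

/* Replay of the "couple-of-thousand-byte line on standard input" experiment
 * over an in-memory stream: returns the number of lines accepted and stores
 * the number rejected as too long in *rejected. */
int scan_stream(const char *text, size_t text_len, int *rejected)
{
    char buf[LINE_CAP];
    const char *cur = text, *end = text + text_len;
    int accepted = 0;
    *rejected = 0;
    for (;;) {
        enum line_status st = next_line(&cur, end, buf, sizeof buf);
        if (st == LINE_EOF) break;
        if (st == LINE_OK) accepted++; else (*rejected)++;
    }
    return accepted;
}

/* Constructed sample input (not from the post): a short line, a line of
 * long_len 'A' bytes, then a trailing line with no final newline. Caller
 * frees the returned string. */
char *build_sample(size_t long_len, size_t *out_len)
{
    const char head[] = "short line\n", tail[] = "tail without newline";
    size_t n = (sizeof head - 1) + long_len + 1 + (sizeof tail - 1);
    char *s = malloc(n + 1);
    if (!s) { *out_len = 0; return NULL; }
    memcpy(s, head, sizeof head - 1);
    memset(s + (sizeof head - 1), 'A', long_len);
    s[(sizeof head - 1) + long_len] = '\n';
    memcpy(s + (sizeof head - 1) + long_len + 1, tail, sizeof tail - 1);
    s[n] = '\0';
    *out_len = n;
    return s;
}

int main(void)
{
    size_t n;
    char *sample = build_sample(2000, &n);
    if (!sample) return 1;
    int rejected;
    int accepted = scan_stream(sample, n, &rejected);
    printf("accepted %d line(s), rejected %d over-long line(s)\n",
           accepted, rejected);
    free(sample);
    return 0;
}
```

The design point is that the reader always advances past the entire offending line, so one over-long line cannot desynchronise the parse of the lines that follow it; the 2000-byte line is rejected while the short lines before and after it are still processed normally.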
