Contributed by Peter N. M. Hansteen on from the all the fuzzies dept.
florian@) wanted to know if something similar lurked in the OpenBSD code as well.
The result of his investigation can be found in the article called Fuzzing ping(8) … and finding a 24 year old bug., which leads in,
FreeBSD had a security fluctuation in their implementation of
ping(8)the other day. As someone who has done a lot of work on
ping(8)in OpenBSD this tickled my interests.
What about OpenBSD?
Read the rest of the article here. It is quite a story, with lessons to be considered by anyone working on code that's been around a few years or decades.
As Florian mentions in his post, the fix has been committed to the repo (with a subsequent tweak).
(Comments are closed)
By Will Backman (bitgeist) firstname.lastname@example.org on http://bsdtalk.blogspot.com
Looking forward to seeing what gets fuzzed next!