Wed Oct 5 12:19:32 EEST 2011

bug stories


i got involved in a bug in a major linux distro that compromised their
update system if one can do "man in the middle" (e.g. via DNS).

the bug had a strange story. i forgot to pay the monthly internet bill.
the isp stopped my net, redirecting all pages to them, telling
me to pay.

before the internet was working again, i got local mail from cron
about apt-key not being able to import the html page as a key.
this drew my attention to the brain damaged part of apt-key.
the rest of the exploit was pure triviality.

another bug with a strange story was an openssl |use after free|.
i was generating rsa keys with another program and
imported a test key into openssl by middle-clicking with the mouse.
unfortunately, i had failed to select a few digits of the number,
making a prime a composite (if the prime had stayed prime the story would
have been different). basically this broke the math.
in addition, openssl crashed, which was a bug.
it took the openssl developers some time to realize i didn't mind the
broken math, only the crash.
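the check a practitioner would want after that story, as an added example that is not the author's or openssl's code: verify that the components of an rsa key are consistent with each other (both primes actually prime, n == p*q, d really the inverse of e) before handing them to any library. the sample key is constructed here from two mersenne primes standing in for real random primes, and the mangled copy drops the last digit of p the way a partial mouse selection would.

```python
import math
import random

# Constructed sample key: two Mersenne primes stand in for the RSA primes
# (assumption: a real key uses random primes of ~1024 bits, but the
# consistency checks below are the same).
P_GOOD = 2**127 - 1
Q_GOOD = 2**89 - 1
E = 65537


def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test (trial division first for tiny factors)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    # write n-1 as d * 2**r with d odd
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.Random(1)  # fixed seed so the result is reproducible
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness: n is composite
    return True


def make_key(p, q, e=E):
    """Return (n, e, d, p, q) built honestly from two primes."""
    lam = math.lcm(p - 1, q - 1)
    d = pow(e, -1, lam)
    return (p * q, e, d, p, q)


def check_rsa_key(n, e, d, p, q):
    """Return a list of human-readable problems; an empty list means the
    components are consistent."""
    problems = []
    if not is_probable_prime(p):
        problems.append("p is not prime")
    if not is_probable_prime(q):
        problems.append("q is not prime")
    if p * q != n:
        problems.append("n != p*q")
    lam = math.lcm(p - 1, q - 1)
    if math.gcd(e, lam) != 1:
        problems.append("e not invertible mod lcm(p-1, q-1)")
    elif (e * d) % lam != 1:
        problems.append("d is not the inverse of e")
    return problems


def truncated_prime_key():
    """The mistake from the story, reconstructed: the same key, but p lost
    its trailing digit as if it had been only partially selected when
    pasting (constructed input)."""
    n, e, d, p, q = make_key(P_GOOD, Q_GOOD)
    p_bad = int(str(p)[:-1])  # now even, hence composite, and n != p_bad*q
    return (n, e, d, p_bad, q)


if __name__ == "__main__":
    print("good key:", check_rsa_key(*make_key(P_GOOD, Q_GOOD)))
    print("mangled key:", check_rsa_key(*truncated_prime_key()))
```

the point of doing this in the importer rather than trusting the caller is exactly the one the story makes: a library handed a "prime" that is not prime should reject it with an error, not continue into arithmetic that no longer holds and crash.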

a coincidence about several other bugs is that they were found while
drinking coffee and smoking. no computer in the room, just relaxing.
suddenly i think of something i have read that day and find it quite
suspicious. i leave the coffee and go to check. almost every time
i wasn't wrong about the suspicion.

certainly the majority of bugs were black labour (i don't think
|grep -rniI stuff *| is dead, though the prevailing opinion appears
to differ).

disclaimer: this is not a tutorial :)))

Posted by joro