As a rule, stupidity is more likely than malice. The simple proof of this is that it’s easier to be incompetent than it is to be some grand chessmaster who sees all the pieces and manipulates them at a high level. So it is with Heartbleed.
Consider what had to go wrong for this bug to be introduced:
- The system malloc() and free(), and the consistency checks some implementations run on every call, were slow on a handful of platforms
- OpenSSL devs add their own freelist allocator, which is fast on all platforms, and turn it on by default behind a compile-time option (it is only bypassed by building with OPENSSL_NO_BUF_FREELISTS)
- OpenSSL devs stop testing builds compiled without the custom allocator, so nothing ever exercises the code against a system allocator whose guard pages or poisoning would flag an out-of-bounds read
- OpenSSL is a general mess, which makes the code hard to audit and lets bugs go unnoticed for a long time
- The actual bug is introduced: the heartbeat handler copies as many payload bytes as the peer's record claims, without checking that the record it received is actually that long
A group that wanted to deliberately subvert OpenSSL would have needed to arrange every one of those steps. If OpenSSL had tested builds for every combination of compile-time options, Heartbleed wouldn't have happened, or would at least have been caught by an ordinary checking allocator long before it shipped. If they hadn't built a custom allocator in the first place, Heartbleed wouldn't have happened.
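To make the two halves of that argument concrete, here is an added example (not OpenSSL's code, and not from the original post): a cut-down model of the heartbeat handler in its vulnerable and hardened forms, plus a bump allocator standing in for the freelist described above. The record layout (1-byte type, 2-byte big-endian payload length, payload, 16 bytes of padding) follows the real extension; everything else, including the function names, the arena and the "secret", is made up for the demonstration.

```c
/*
 * Added example, not OpenSSL's code: a cut-down model of the TLS heartbeat
 * handler (record layout only: 1-byte type, 2-byte big-endian payload length,
 * payload, 16 bytes of padding) and a bump allocator standing in for the
 * freelist discussed above. All names and the "secret" are made up.
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define HB_PAD     16
#define ARENA_SIZE 4096

/* Stand-in for OpenSSL's freelist: memory is handed out from one static
 * arena, never poisoned and never guarded, so an over-read simply walks into
 * whatever neighbour happens to sit next to the record buffer. */
static uint8_t arena[ARENA_SIZE];
static size_t  arena_used;

static uint8_t *arena_alloc(size_t n) {
    if (arena_used + n > ARENA_SIZE) return NULL;
    uint8_t *p = arena + arena_used;
    arena_used += n;
    return p;
}

static void arena_reset(void) { arena_used = 0; }

/* Vulnerable handler: the payload length comes from the peer's record and is
 * never compared with rec_len, the number of bytes actually received. */
static size_t heartbeat_vuln(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    (void)rec_len;                        /* the Heartbleed defect: never consulted */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    out[0] = 2;                           /* heartbeat_response */
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);    /* reads past the record when payload is oversized */
    memset(out + 3 + payload, 0, HB_PAD);
    return 3 + payload + HB_PAD;
}

/* Hardened handler: identical, plus the two bounds checks the upstream fix
 * added. Returns 0 (drop the record) when the declared payload does not fit. */
static size_t heartbeat_fixed(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    if (rec_len < 1 + 2 + HB_PAD) return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    if (1 + 2 + payload + HB_PAD > rec_len) return 0;
    out[0] = 2;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);
    memset(out + 3 + payload, 0, HB_PAD);
    return 3 + payload + HB_PAD;
}

static const char SECRET[] = "SESSION-KEY-0123456789abcdef";  /* constructed */

/* Constructed scenario: a 20-byte request carrying a 1-byte payload but a
 * declared length of `claimed`, placed in the arena directly before a buffer
 * holding SECRET. Returns 1 if the response echoes SECRET, 0 otherwise. */
static int heartbeat_leaks_secret(size_t claimed, int use_fixed) {
    uint8_t out[ARENA_SIZE];
    size_t rec_len = 1 + 2 + 1 + HB_PAD;             /* bytes really received */

    arena_reset();
    uint8_t *rec = arena_alloc(rec_len);
    uint8_t *key = arena_alloc(sizeof SECRET);       /* the record's neighbour */
    memcpy(key, SECRET, sizeof SECRET);

    rec[0] = 1;                                      /* heartbeat_request */
    rec[1] = (uint8_t)(claimed >> 8);
    rec[2] = (uint8_t)(claimed & 0xff);
    rec[3] = 'x';
    memset(rec + 4, 0, HB_PAD);

    size_t n = use_fixed ? heartbeat_fixed(rec, rec_len, out)
                         : heartbeat_vuln(rec, rec_len, out);

    /* Byte rec[i] lands at out[i] for i >= 1, so the neighbour starts at out[rec_len]. */
    if (n < rec_len + sizeof SECRET - 1) return 0;
    return memcmp(out + rec_len, SECRET, sizeof SECRET - 1) == 0;
}

int main(void) {
    printf("vulnerable, honest length : leak=%d\n", heartbeat_leaks_secret(1, 0));
    printf("vulnerable, claimed 100   : leak=%d\n", heartbeat_leaks_secret(100, 0));
    printf("fixed, claimed 100        : leak=%d\n", heartbeat_leaks_secret(100, 1));
    return 0;
}
```

The single static arena is the point of the second half of the argument: because every buffer lives inside one object, the oversized memcpy never crosses an allocation boundary that a guard-page malloc or AddressSanitizer could police, so the only symptom is the neighbour's contents turning up in the reply. Give each record its own heap allocation under a checking allocator and the same memcpy trips a redzone on the first malformed heartbeat. The real extension allowed a declared length of up to 65535, which is why each request could pull back nearly 64 KiB of whatever sat after the record.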