The underhanded C contest has many examples of malicious code that appear like plausible bugs. An intentional but rare buffer overflow would be a perfect backdoor.