Hi,

As noted on the vuln-dev list recently, the diskpart(1) program in
-stable is susceptible to a buffer overflow in the parsing of
command-line arguments.  This is a low-risk problem, since diskpart(1)
is not - and has never been, and has no reason to ever be - a privileged
program, but still, there should be no harm in fixing it :)

Attached are two patches: a trivial one which just fixes up two problems
in diskpart's argument parsing, and a more complex one, which does it
"the right way" IMHO, using getopt(3).

Comments?

G'luck,
Peter

-- 
Peter Pentchev  [EMAIL PROTECTED]        [EMAIL PROTECTED]
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
.siht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI
