Red Hat Bugzilla – Bug 76097
smartctl/smartd missing man pages
Last modified: 2015-01-04 17:02:01 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9) Gecko/20020513
Description of problem:
These are extremely useful utilities that can be used to monitor
hard disk reliability (in particular the SMART features of most
modern ATA hard disks). Unfortunately the redhat release left out the man pages.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
2.man smartctl (fails)
3.man smartd (fails)
Actual Results: No man pages
The original utilities are available from here:
Versions with some of the bugs fixed and improved (& consistent)
documentation can be found here:
The latter package also fixes an potential buffer overflow vulnerability
in the smartd and smartctl, which copy an arbitrary-length user input
into a fixed-length 256 byte buffer in ParseOpts.
This is replaced by a calls to getopt().
I don't think that the buffer overflow is exploitable since the code doesn't
normally run as SUID root, but I am not expert and am not sure