Don't smash the stack in the '-x' option (local root exploit). The -x

option doesn't seem to actually _work_, but that's not my problem.
Don't install this binary setuid root: that's what UNIX file permissions
on the device node were invented for.

audio/fmio/files/patch-Makefile

@@ -0,0 +1,11 @@
+--- Makefile.orig	Wed Apr  4 07:10:07 2001
++++ Makefile	Fri Aug 10 23:25:54 2001
+@@ -26,7 +26,7 @@
+ install: lib fmio man
+ 	install -d -o root -g bin $(PREFIX)/bin
+ 	install -d -o root -g wheel $(PREFIX)/man/man1
+-	install -c -s -o root -g bin -m 4555 fmio $(PREFIX)/bin/fmio
++	install -c -s -o root -g bin -m 555 fmio $(PREFIX)/bin/fmio
+ 	install -c -o root -g bin -m 444 fmio.0 $(PREFIX)/man/cat1/fmio.0
+ 
+ deinstall:

audio/fmio/files/patch-mixer.c

@@ -0,0 +1,37 @@
+--- mixer.c.orig	Mon Apr  2 23:12:21 2001
++++ mixer.c	Fri Aug 10 23:22:04 2001
+@@ -49,6 +49,8 @@
+ static int num_channels;
+ #endif /* __OpenBSD__ || __NetBSD__ */
+ 
++#define MIN(a, b) ((a) < (b) ? (a) : (b))
++
+ static unsigned int volume;
+ 
+ static int
+@@ -167,7 +169,7 @@
+ 					break;
+ 			}
+ 		} else {
+-			fprintf(stderr, "Bad numbers %s", q);
++			fprintf(stderr, "Bad numbers %s\n", q);
+ 			return -1;
+ 		}
+ 	}
+@@ -298,9 +300,13 @@
+ 	int devlen, dev_volume;
+ 
+ 	devlen = strcspn(vol, "=");
+-	strncpy(dev, vol, devlen);
+-	strncpy(val, &vol[devlen+1], strlen(vol)-devlen-1);
+-
++	if (devlen == strlen(vol)) {
++		fprintf(stderr, "invalid volume specifier %s\n", vol);
++		return -1;
++	}
++	strlcpy(dev, vol, MIN(devlen + 1, sizeof(dev)));
++	strlcpy(val, &vol[devlen+1], MIN(strlen(vol)-devlen, sizeof(val)));
++	
+ #if defined (__OpenBSD__) || (__NetBSD__)
+ 
+ 	for ( ndev = 0 ; ; ndev++ ) {