This patch fixes a one-byte buffer overflow.

Apply by doing:
	cd /usr/src
	patch -p0 < 005_ftpd.patch

And then rebuild and install ftpd:
	cd libexec/ftpd
	make obj
	make depend
	make
	make install

Index: libexec/ftpd/ftpd.c
===================================================================
RCS file: /cvs/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.79
diff -u -r1.79 ftpd.c
--- libexec/ftpd/ftpd.c	2000/09/15 07:13:45	1.79
+++ libexec/ftpd/ftpd.c	2000/12/05 17:06:29
@@ -1959,15 +1959,21 @@
 replydirname(name, message)
 	const char *name, *message;
 {
+	char *p, *ep;
 	char npath[MAXPATHLEN];
-	int i;
 
-	for (i = 0; *name != '\0' && i < sizeof(npath) - 1; i++, name++) {
-		npath[i] = *name;
-		if (*name == '"')
-			npath[++i] = '"';
+	p = npath;
+	ep = &npath[sizeof(npath) - 1];
+	while (*name) {
+		if (*name == '"' && ep - p >= 2) {
+			*p++ = *name++;
+			*p++ = '"';
+		} else if (ep - p >= 1)
+			*p++ = *name++;
+		else
+			break;
 	}
-	npath[i] = '\0';
+	*p = '\0';
 	reply(257, "\"%s\" %s", npath, message);
 }