On 24.06.2018 08:31, Martin Husemann wrote:
> On Sat, Jun 23, 2018 at 10:35:29PM +0000, Kamil Rytarowski wrote:
>> Module Name: src
>> Committed By: kamil
>> Date: Sat Jun 23 22:35:29 UTC 2018
>>
>> Modified Files:
>> src/usr.sbin/sysinst: util.c
>>
>> Log Message:
>> Enlarge the set_status[] array by a single element
>>
>> In the get_and_unpack_sets() function there is accessed the
>> set_status[SET_GROUP_END] element in the array. The array is allocated on
>> the stack with SET_GROUP_END elements. This means that it is 1 element too
>> short.
>
> This is not the correct fix. No change to set_status should happen at any
> index >= SET_LAST, you are papering over the real bug.
>
> Please provide more information where this access happens if easily available
> (or let me debug it properly).
>
> Martin
>

Address Sanitizer report:

http://netbsd.org/~kamil/mksanitizer-reports/0021-sysinst-sets.txt

It happens just before unpacking the sets.