Re: CVS commit: src/usr.sbin/sysinst
On 24.06.2018 21:52, Christos Zoulas wrote: > In article <0a88399a-0897-160e-6a56-ae328bd4c...@gmx.com>, > Kamil Rytarowski wrote: >> -=-=-=-=-=- >> -=-=-=-=-=- >> >>> This is not the correct fix. No change to set_status should happen at any >>> index >= SET_LAST, you are papering over the real bug. >>> >>> Please provide more information where this access happens if easily >>> available >>> (or let me debug it properly). > > Fixed. > > christos > Thanks! signature.asc Description: OpenPGP digital signature
Re: CVS commit: src/usr.sbin/sysinst
In article <0a88399a-0897-160e-6a56-ae328bd4c...@gmx.com>, Kamil Rytarowski wrote: >-=-=-=-=-=- >-=-=-=-=-=- > >> This is not the correct fix. No change to set_status should happen at any >> index >= SET_LAST, you are papering over the real bug. >> >> Please provide more information where this access happens if easily available >> (or let me debug it properly). Fixed. christos
Re: CVS commit: src/usr.sbin/sysinst
On 24.06.2018 08:31, Martin Husemann wrote: > On Sat, Jun 23, 2018 at 10:35:29PM +, Kamil Rytarowski wrote: >> Module Name: src >> Committed By:kamil >> Date:Sat Jun 23 22:35:29 UTC 2018 >> >> Modified Files: >> src/usr.sbin/sysinst: util.c >> >> Log Message: >> Enlarge the set_status[] array by a single element >> >> In the get_and_unpack_sets() function there is accessed the >> set_status[SET_GROUP_END] element in the array. The array is allocated on >> the stack with SET_GROUP_END elements. This means that it is 1 element too >> short. > > This is not the correct fix. No change to set_status should happen at any > index >= SET_LAST, you are papering over the real bug. > > Please provide more information where this access happens if easily available > (or let me debug it properly). > > Martin > Address Sanitizer report: http://netbsd.org/~kamil/mksanitizer-reports/0021-sysinst-sets.txt It happens just before unpacking the sets. signature.asc Description: OpenPGP digital signature
Re: CVS commit: src/usr.sbin/sysinst
On Sat, Jun 23, 2018 at 10:35:29PM +, Kamil Rytarowski wrote: > Module Name: src > Committed By: kamil > Date: Sat Jun 23 22:35:29 UTC 2018 > > Modified Files: > src/usr.sbin/sysinst: util.c > > Log Message: > Enlarge the set_status[] array by a single element > > In the get_and_unpack_sets() function there is accessed the > set_status[SET_GROUP_END] element in the array. The array is allocated on > the stack with SET_GROUP_END elements. This means that it is 1 element too > short. This is not the correct fix. No change to set_status should happen at any index >= SET_LAST, you are papering over the real bug. Please provide more information where this access happens if easily available (or let me debug it properly). Martin
