On Sat, Jun 23, 2018 at 10:35:29PM +0000, Kamil Rytarowski wrote: > Module Name: src > Committed By: kamil > Date: Sat Jun 23 22:35:29 UTC 2018 > > Modified Files: > src/usr.sbin/sysinst: util.c > > Log Message: > Enlarge the set_status[] array by a single element > > In the get_and_unpack_sets() function there is accessed the > set_status[SET_GROUP_END] element in the array. The array is allocated on > the stack with SET_GROUP_END elements. This means that it is 1 element too > short.
This is not the correct fix. No change to set_status should happen at any index >= SET_LAST, you are papering over the real bug. Please provide more information where this access happens if easily available (or let me debug it properly). Martin
