31 lines
1018 B
Diff
31 lines
1018 B
Diff
From 4144571f87c094471419ef59e8bb89ef33cd1365 Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <phil@nwl.cc>
|
|
Date: Mon, 10 Sep 2018 23:35:13 +0200
|
|
Subject: libxtables: Fix potential array overrun in xtables_option_parse()
|
|
|
|
If entry->type is to be used as array index, it needs to be at max one
|
|
less than that array's size.
|
|
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
---
|
|
libxtables/xtoptions.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/libxtables/xtoptions.c b/libxtables/xtoptions.c
|
|
index ba3128bd..326febd5 100644
|
|
--- a/libxtables/xtoptions.c
|
|
+++ b/libxtables/xtoptions.c
|
|
@@ -844,7 +844,7 @@ void xtables_option_parse(struct xt_option_call *cb)
|
|
* a *RC option type.
|
|
*/
|
|
cb->nvals = 1;
|
|
- if (entry->type <= ARRAY_SIZE(xtopt_subparse) &&
|
|
+ if (entry->type < ARRAY_SIZE(xtopt_subparse) &&
|
|
xtopt_subparse[entry->type] != NULL)
|
|
xtopt_subparse[entry->type](cb);
|
|
/* Exclusion with other flags tested later in finalize. */
|
|
--
|
|
cgit v1.2.1
|
|
|