From 691a834cb78c423c6de4df1592447abbb67f2bd1 Mon Sep 17 00:00:00 2001 From: Alan Somers Date: Tue, 12 Nov 2019 23:03:52 +0000 Subject: [PATCH] sesutil: fix an out-of-bounds array access sesutil would allow the user to toggle an LED that was one past the maximum element. If he tried, ENCIOC_GETELMSTAT would return EINVAL. Reported by: Coverity Coverity CID: 1398940 MFC after: 2 weeks Sponsored by: Axcient --- usr.sbin/sesutil/sesutil.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/sesutil/sesutil.c b/usr.sbin/sesutil/sesutil.c index 21c48cc38c6f..7bc7d108d4b1 100644 --- a/usr.sbin/sesutil/sesutil.c +++ b/usr.sbin/sesutil/sesutil.c @@ -247,7 +247,7 @@ sesled(int argc, char **argv, bool setfault) } if (isses) { - if (sesid > nobj) { + if (sesid >= nobj) { close(fd); xo_errx(EXIT_FAILURE, "Requested SES ID does not exist");