fbt_typoff_init: fix an off by one in determining required memory size

This issue would be silent most of the time, but if the requested memory
is a multiple of a page size, then accessing one element beyond the end
would lead to a kernel page fault.
Otherwise, the unlucky last type would just be inaccessible.

Reported by:	glebius
Tested by:	glebius
MFC after:	6 days
This commit is contained in:
Andriy Gapon 2013-03-23 08:48:44 +00:00
parent 25bcd53216
commit a47016e9a9

View File

@ -777,6 +777,8 @@ fbt_typoff_init(linker_ctf_t *lc)
pop[kind]++;
}
/* account for a sentinel value below */
ctf_typemax++;
*lc->typlenp = ctf_typemax;
if ((xp = malloc(sizeof(uint32_t) * ctf_typemax, M_LINKER, M_ZERO | M_WAITOK)) == NULL)