From d7fc1b7da4963321e9533aca360058014bec25e2 Mon Sep 17 00:00:00 2001 From: csjp Date: Sun, 15 Jan 2006 01:02:20 +0000 Subject: [PATCH] Fix potential overrun of static stack allocated array which stores the rules. If an array is N elements large, we can only access elements 0..(N-1). MFC after: 1 week Found with: Coverity Prevent(tm) --- sys/security/mac_bsdextended/mac_bsdextended.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/security/mac_bsdextended/mac_bsdextended.c b/sys/security/mac_bsdextended/mac_bsdextended.c index 39b3a5951288..512c19adf659 100644 --- a/sys/security/mac_bsdextended/mac_bsdextended.c +++ b/sys/security/mac_bsdextended/mac_bsdextended.c @@ -150,7 +150,7 @@ sysctl_rule(SYSCTL_HANDLER_ARGS) return (EINVAL); index = name[0]; - if (index > MAC_BSDEXTENDED_MAXRULES) + if (index >= MAC_BSDEXTENDED_MAXRULES) return (ENOENT); ruleptr = NULL;