[XFRM]: Prevent off-by-one access to xfrm_dispatch

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Makes the type > XFRM_MSG_MAX check behave correctly to
protect access to xfrm_dispatch.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Thomas Graf and committed by

David S. Miller 21 years ago 526bdb80 e4553edd

+2 -1

1 changed file

expand all

include

linux

xfrm.h

+2 -1

include/linux/xfrm.h

··· 140 140 XFRM_MSG_FLUSHPOLICY, 141 141 #define XFRM_MSG_FLUSHPOLICY XFRM_MSG_FLUSHPOLICY 142 142 143 - XFRM_MSG_MAX 143 + __XFRM_MSG_MAX 144 144 }; 145 + #define XFRM_MSG_MAX (__XFRM_MSG_MAX - 1) 145 146 146 147 struct xfrm_user_tmpl { 147 148 struct xfrm_id id;