aboutgitcodebugslistschat
diff options
context:
space:
mode:
authorStefano Brivio <sbrivio@redhat.com>2022-04-05 14:02:56 +0200
committerStefano Brivio <sbrivio@redhat.com>2022-04-07 11:44:35 +0200
commit2b1fbf463148277a21aabc6ff1775a80feedb59f (patch)
tree39c7a2d40a53cd4ccff70a7cb50000e31c60b779
parent5ab2e12f98c369e0692327d58962d8cc394f89eb (diff)
downloadpasst-2b1fbf463148277a21aabc6ff1775a80feedb59f.tar
passt-2b1fbf463148277a21aabc6ff1775a80feedb59f.tar.gz
passt-2b1fbf463148277a21aabc6ff1775a80feedb59f.tar.bz2
passt-2b1fbf463148277a21aabc6ff1775a80feedb59f.tar.lz
passt-2b1fbf463148277a21aabc6ff1775a80feedb59f.tar.xz
passt-2b1fbf463148277a21aabc6ff1775a80feedb59f.tar.zst
passt-2b1fbf463148277a21aabc6ff1775a80feedb59f.zip
udp: Out-of-bounds read, CWE-125 in udp_timer()
Not an actual issue due to how it's typically stored, but udp_act can also be used for ports 65528-65535. Reported by Coverity. Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r--udp.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/udp.c b/udp.c
index cbd3ac8..86d806a 100644
--- a/udp.c
+++ b/udp.c
@@ -180,7 +180,7 @@ enum udp_act_type {
};
/* Activity-based aging for bindings */
-static uint8_t udp_act[IP_VERSIONS][UDP_ACT_TYPE_MAX][USHRT_MAX / 8];
+static uint8_t udp_act[IP_VERSIONS][UDP_ACT_TYPE_MAX][(USHRT_MAX + 1) / 8];
/* Static buffers */