From 4a1b67527862c687f523470bda441a954d00a9af Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Mon, 19 Sep 2022 22:15:04 +0200
Subject: conf, tcp, udp: Arrays for ports need 2^16 values, not 2^16-8

Reported by David but also by Coverity (CWE-119):

	In conf_ports: Out-of-bounds access to a buffer

...not in practice, because the allocation size is rounded up
anyway, but not nice either.

Reported-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 conf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'conf.c')

diff --git a/conf.c b/conf.c
index d80233c..7ecfa1e 100644
--- a/conf.c
+++ b/conf.c
@@ -127,8 +127,8 @@ static int conf_ports(struct ctx *c, char optname, const char *optarg,
 {
 	int start_src, end_src, start_dst, end_dst, exclude_only = 1, i, port;
 	char addr_buf[sizeof(struct in6_addr)] = { 0 }, *addr = addr_buf;
+	uint8_t *map, exclude[DIV_ROUND_UP(USHRT_MAX, 8)] = { 0 };
 	void (*remap)(in_port_t port, in_port_t delta);
-	uint8_t *map, exclude[USHRT_MAX / 8] = { 0 };
 	char buf[BUFSIZ], *sep, *spec, *p;
 	sa_family_t af = AF_UNSPEC;
 
-- 
cgit v1.2.3