From 2b1fbf463148277a21aabc6ff1775a80feedb59f Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Tue, 5 Apr 2022 14:02:56 +0200
Subject: udp: Out-of-bounds read, CWE-125 in udp_timer()

Not an actual issue due to how it's typically stored, but udp_act
can also be used for ports 65528-65535. Reported by Coverity.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 udp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'udp.c')

diff --git a/udp.c b/udp.c
index cbd3ac8..86d806a 100644
--- a/udp.c
+++ b/udp.c
@@ -180,7 +180,7 @@ enum udp_act_type {
 };
 
 /* Activity-based aging for bindings */
-static uint8_t udp_act[IP_VERSIONS][UDP_ACT_TYPE_MAX][USHRT_MAX / 8];
+static uint8_t udp_act[IP_VERSIONS][UDP_ACT_TYPE_MAX][(USHRT_MAX + 1) / 8];
 
 /* Static buffers */
 
-- 
cgit v1.2.3