diff options
author | Phil Sutter <phil@nwl.cc> | 2016-08-12 01:33:35 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-12 01:45:40 +0200 |
commit | cca54d5e9c3f436cd85bc55415c08bf671bfefe6 (patch) | |
tree | e62aad0cce676d406c0a1b8c3b8f22a52e51df2b /src/expr | |
parent | d29f0825c33af8c53a939b7f0e8d5beb2ed48c83 (diff) |
expr/ct: prevent array index overrun in ctkey2str()
The array has NFT_CT_MAX fields, so indices must be less than that
number.
Fixes: 977b7a1dbe1bd ("ct: xml: use key names instead of numbers")
Cc: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expr')
-rw-r--r-- | src/expr/ct.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/expr/ct.c b/src/expr/ct.c index 7d96df4..1a53b49 100644 --- a/src/expr/ct.c +++ b/src/expr/ct.c @@ -173,7 +173,7 @@ static const char *ctkey2str_array[NFT_CT_MAX] = { static const char *ctkey2str(uint32_t ctkey) { - if (ctkey > NFT_CT_MAX) + if (ctkey >= NFT_CT_MAX) return "unknown"; return ctkey2str_array[ctkey]; |