diff options
| author | Jonathan Gray <jsg@cvs.openbsd.org> | 2023-03-23 01:41:13 +0000 |
|---|---|---|
| committer | Jonathan Gray <jsg@cvs.openbsd.org> | 2023-03-23 01:41:13 +0000 |
| commit | ad84685a7a9f20d1a72013ccbcce74b4f589386f (patch) | |
| tree | fbbc5f666beba6ba0a55779ba87527c6b25fe039 | |
| parent | ed0086bc8e7dd270b6fd049ddc6c38eb9ad5716c (diff) | |
fix off-by-one in pf_state_expires() bounds test
such a value would have triggered a KASSERT()
ok sashan@ deraadt@
| -rw-r--r-- | sys/net/pf.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index a1a334ffb1c..d1d5f20414f 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.1172 2023/03/04 10:55:37 sashan Exp $ */ +/* $OpenBSD: pf.c,v 1.1173 2023/03/23 01:41:12 jsg Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1640,8 +1640,8 @@ pf_state_expires(const struct pf_state *st, uint8_t stimeout) * next pass of the purge task. */ - /* handle all PFTM_* > PFTM_MAX here */ - if (stimeout > PFTM_MAX) + /* handle all PFTM_* >= PFTM_MAX here */ + if (stimeout >= PFTM_MAX) return (0); KASSERT(stimeout < PFTM_MAX); |