summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonathan Gray <jsg@cvs.openbsd.org>2021-12-23 09:16:00 +0000
committerJonathan Gray <jsg@cvs.openbsd.org>2021-12-23 09:16:00 +0000
commitf5a35ae35dbcaf80410d1ae524484800008fe501 (patch)
tree058aeccc4cca6050d6489ccb1968f5b561643cf9
parent0404d7dcdc19b273e7d6b411216772e3a42c87cc (diff)
fix off by one in bounds test
ok tobhe@
-rw-r--r--sbin/iked/parse.y4
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y
index 881d4aa901c..c714e569b50 100644
--- a/sbin/iked/parse.y
+++ b/sbin/iked/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.138 2021/12/01 16:42:13 deraadt Exp $ */
+/* $OpenBSD: parse.y,v 1.139 2021/12/23 09:15:59 jsg Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -2488,7 +2488,7 @@ create_ike(char *name, int af, struct ipsec_addr_wrap *ipproto,
pol.pol_af = af;
pol.pol_saproto = saproto;
for (i = 0, ipp = ipproto; ipp; ipp = ipp->next, i++) {
- if (i > IKED_IPPROTO_MAX) {
+ if (i >= IKED_IPPROTO_MAX) {
yyerror("too many protocols");
return (-1);
}