From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefano Brivio <sbrivio@redhat.com>
To: passt-dev@passt.top
Subject: [PATCH 15/16] udp: Out-of-bounds read, CWE-125 in udp_timer()
Date: Tue, 05 Apr 2022 19:05:13 +0200
Message-ID: <20220405170514.2963773-16-sbrivio@redhat.com>
In-Reply-To: <20220405170514.2963773-1-sbrivio@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7948816317888965806=="

--===============7948816317888965806==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

Not an actual issue due to how it's typically stored, but udp_act
can also be used for ports 65528-65535. Reported by Coverity.

Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com>
---
 udp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/udp.c b/udp.c
index cbd3ac8..86d806a 100644
--- a/udp.c
+++ b/udp.c
@@ -180,7 +180,7 @@ enum udp_act_type {
 };
 
 /* Activity-based aging for bindings */
-static uint8_t udp_act[IP_VERSIONS][UDP_ACT_TYPE_MAX][USHRT_MAX / 8];
+static uint8_t udp_act[IP_VERSIONS][UDP_ACT_TYPE_MAX][(USHRT_MAX + 1) / 8];
 
 /* Static buffers */
 
-- 
2.35.1


--===============7948816317888965806==--