From ff8bae8938532d95f792258d2c520705e095e7af Mon Sep 17 00:00:00 2001
From: Simon Wilkinson <sxw@your-file-system.com>
Date: Thu, 28 Feb 2013 13:45:00 +0000
Subject: [PATCH] Unix CM: Don't overflow ICL logs array

When checking whether a user supplied index into the ICL logs array
is out of bounds, we need to check whether it is greater or equal
to the maxmimum number of elements. Otherwise we can access one
more than the number of elements in the array.

Caught by coverity (#985567)

Change-Id: Id90f02eae1d5689b9b2c9a82bce0e503941387da
Reviewed-on: http://gerrit.openafs.org/9311
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
---
 src/afs/afs_icl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/afs/afs_icl.c b/src/afs/afs_icl.c
index 60520e103..dd16907ec 100644
--- a/src/afs/afs_icl.c
+++ b/src/afs/afs_icl.c
@@ -240,7 +240,7 @@ Afscall_icl(long opcode, long p1, long p2, long p3, long p4, long *retval)
 	setp = afs_icl_FindSet(tname);
 	if (!setp)
 	    return ENOENT;
-	if (p2 > ICL_LOGSPERSET)
+	if (p2 >= ICL_LOGSPERSET)
 	    return EINVAL;
 	if (!(tlp = setp->logs[p2]))
 	    return EBADF;
-- 
2.39.5