libxtables: Fix potential array overrun in xtables_option_parse()
authorPhil Sutter <phil@nwl.cc>
Mon, 10 Sep 2018 21:35:13 +0000 (23:35 +0200)
committerFlorian Westphal <fw@strlen.de>
Thu, 13 Sep 2018 08:47:42 +0000 (10:47 +0200)
If entry->type is to be used as array index, it needs to be at max one
less than that array's size.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
libxtables/xtoptions.c

index ba3128bdbeb6b48cff284a06f01a5833423c2a84..326febd50dc906ff3dbfaf38f83578fb52b20634 100644 (file)
@@ -844,7 +844,7 @@ void xtables_option_parse(struct xt_option_call *cb)
         * a *RC option type.
         */
        cb->nvals = 1;
-       if (entry->type <= ARRAY_SIZE(xtopt_subparse) &&
+       if (entry->type < ARRAY_SIZE(xtopt_subparse) &&
            xtopt_subparse[entry->type] != NULL)
                xtopt_subparse[entry->type](cb);
        /* Exclusion with other flags tested later in finalize. */
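Review bot: With the corrected `<` bound, an `entry->type` that falls outside `xtopt_subparse` (or maps to a NULL slot) is skipped silently, so the code carries on with `cb->nvals = 1` and no value parsed. Whether a later step rejects that case cannot be seen here, because the body of xtables_option_parse() starts and ends outside the hunk. If the skip is intentional, a comment above the condition would record it, for example `/* type indexes xtopt_subparse[]; out-of-range or NULL entries have no sub-parser and are skipped */`. The check also seems to rely on `ARRAY_SIZE()` yielding an unsigned value so that a negative type is rejected; that is worth noting in the same comment if the macro is the usual `sizeof`-based one.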