Help coverity see validation of field_len (#5059)

author James Jones <jejones3141@gmail.com>

Wed, 14 Jun 2023 16:15:09 +0000 (11:15 -0500)

committer GitHub <noreply@github.com>

Wed, 14 Jun 2023 16:15:09 +0000 (12:15 -0400)
author James Jones <jejones3141@gmail.com>
Wed, 14 Jun 2023 16:15:09 +0000 (11:15 -0500)
committer GitHub <noreply@github.com>
Wed, 14 Jun 2023 16:15:09 +0000 (12:15 -0400)
diff --git a/src/protocols/tacacs/decode.c b/src/protocols/tacacs/decode.c

index b4c6a1c9260ada3c82dfa41da6fb08ae20d3d6bd..bc5884892ac0ddc5ffcb94acf2b81910972a9769 100644 (file)
--- a/src/protocols/tacacs/decode.c
+++ b/src/protocols/tacacs/decode.c
@@ -374,7 +374,7 @@ static int tacacs_decode_field(TALLOC_CTX *ctx, fr_pair_list_t *out, fr_dict_att
         uint8_t const *p = *field_data;
         fr_pair_t *vp;
  
-       if ((p + field_len) > end) {
+       if (field_len > (end - p)) {
                 fr_strerror_printf("'%s' length %u overflows the remaining data (%zu) in the packet",
                                    da->name, field_len, end - p);
                 return -1;
author	James Jones <jejones3141@gmail.com>
	Wed, 14 Jun 2023 16:15:09 +0000 (11:15 -0500)
committer	GitHub <noreply@github.com>
	Wed, 14 Jun 2023 16:15:09 +0000 (12:15 -0400)