Tweak mod_read() range check on packet code (CID #1419883?)

buffer[0] is used as index into fr_radius_packet_names[], so
allowing FR_PACKET_CODE_MAX will fall off the end. This may
placate coverity, but I believe it is needed in any case.

diff --git a/src/listen/radius/proto_radius_tcp.c b/src/listen/radius/proto_radius_tcp.c
index e228824f53267374356add8956cbcf236fc62741..46f0157147011c059d5ca40c80ac799883c7681e 100644 (file)
--- a/src/listen/radius/proto_radius_tcp.c
+++ b/src/listen/radius/proto_radius_tcp.c
@@ -134,7 +134,7 @@ static ssize_t mod_read(fr_listen_t *li, UNUSED void **packet_ctx, fr_time_t *re
        /*
         *      We MUST always start with a known RADIUS packet.
         */
-       if ((buffer[0] == 0) || (buffer[0] > FR_RADIUS_CODE_MAX)) {
+       if ((buffer[0] == 0) || (buffer[0] >= FR_RADIUS_CODE_MAX)) {
                DEBUG("proto_radius_tcp got invalid packet code %d", buffer[0]);
                thread->stats.total_unknown_types++;
                return -1;