From 0cdbeb51b52bf0325626ffe88d1e851231b8b7e9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?=
Date: Fri, 13 Sep 2024 10:24:31 +0200
Subject: [PATCH] daemon/session2: more Coverity in *wrap_after()

Let's assert that we don't run over the edge. If I look right, so far we don't use this in a way that this could happen, and I can't see how it would make sense.
---
 daemon/session2.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/daemon/session2.c b/daemon/session2.c
index 217c06eb5..0be121fae 100644
--- a/daemon/session2.c
+++ b/daemon/session2.c
@@ -1193,8 +1193,9 @@ int session2_unwrap_after(struct session2 *s, enum protolayer_type protocol,
 protolayer_finished_cb cb, void *baton)
 {
 ssize_t layer_ix = session2_get_protocol(s, protocol);
- if (layer_ix < 0)
- return layer_ix;
+ bool ok = layer_ix >= 0 && layer_ix + 1 < protolayer_grps[s->proto].num_layers;
+ if (kr_fails_assert(ok)) // not found or "last layer"
+ return kr_error(EINVAL);
 return session2_submit(s, PROTOLAYER_UNWRAP, layer_ix + 1,
 payload, comm, cb, baton);
 }
@@ -1214,8 +1215,8 @@ int session2_wrap_after(struct session2 *s, enum protolayer_type protocol,
 protolayer_finished_cb cb, void *baton)
 {
 ssize_t layer_ix = session2_get_protocol(s, protocol);
- if (layer_ix < 0)
- return layer_ix;
+ if (kr_fails_assert(layer_ix > 0)) // not found or "last layer"
+ return kr_error(EINVAL);
 return session2_submit(s, PROTOLAYER_WRAP, layer_ix - 1,
 payload, comm, cb, baton);
 }
-- 
2.47.2
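Review bot: The new guard in session2_unwrap_after() sends the ordinary "protocol not found" result (`layer_ix < 0`) through `kr_fails_assert()`, so a lookup miss that used to return session2_get_protocol()'s own error code is now reported as an assertion failure and always becomes `kr_error(EINVAL)`. If any path driven by peer traffic can ask for a protocol that the session's layer group lacks (not visible from this hunk), a recoverable error turns into assertion noise or, where assertions are configured to abort, a daemon stop. Consider keeping `if (layer_ix < 0) return layer_ix;` and asserting only the overrun: `if (kr_fails_assert(layer_ix + 1 < protolayer_grps[s->proto].num_layers)) return kr_error(EINVAL);`. The same applies to the `layer_ix > 0` check in session2_wrap_after() in the next hunk; both signatures begin above their hunks.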
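Review bot: The comment on the new check in session2_wrap_after() reads `// not found or "last layer"`, the same text as in the unwrap variant, but here the rejected index is 0 and the submit targets `layer_ix - 1`, so the excluded case is the first layer of the group. Suggest `// not found, or already the first layer (no layer_ix - 1)` so the boundary being guarded is unambiguous to the next reader. For symmetry with session2_unwrap_after(), a named `bool ok = layer_ix > 0;` would make the two guards read alike. The function's signature starts above the hunk.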