From: Joshua Rogers <MegaManSec@users.noreply.github.com>
Date: Thu, 11 Sep 2025 13:27:27 +0000 (+0000)
Subject: Fix off-by-one in helper args count assertion (#2212)
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=bcfcb68d32d217966abcb2a2ced92287d0209b9c;p=thirdparty%2Fsquid.git

Fix off-by-one in helper args count assertion (#2212)

The `nargs` value should now be pointing past both the
`HELPER_MAX_ARGS` and the additional terminator. i.e. outside
the valid array space. This is okay because it is an absolute
counter (1-based) not an offset (0-based) despite how it is
used to fill the array.
---

diff --git a/src/helper.cc b/src/helper.cc
index 0cead6f48b..58a4a2f022 100644
--- a/src/helper.cc
+++ b/src/helper.cc
@@ -238,7 +238,7 @@ Helper::Client::openSessions()
     args[nargs] = nullptr;
     ++nargs;
 
-    assert(nargs <= HELPER_MAX_ARGS);
+    assert(nargs <= HELPER_MAX_ARGS + 1);
 
     int successfullyStarted = 0;
 
@@ -372,7 +372,7 @@ statefulhelper::openSessions()
     args[nargs] = nullptr;
     ++nargs;
 
-    assert(nargs <= HELPER_MAX_ARGS);
+    assert(nargs <= HELPER_MAX_ARGS + 1);
 
     int successfullyStarted = 0;