From: Rich Felker <dalias@aerifal.cx>
Date: Fri, 5 Sep 2014 18:01:13 +0000 (-0400)
Subject: fix off-by-one in bounds check in fpathconf
X-Git-Url: http://nsz.repo.hu/git/?a=commitdiff_plain;h=3bed89aa7456d9fe30e550cb5e21f8911036695b;hp=633183b5d1c298e4335da841926efe96252057b3;p=musl

fix off-by-one in bounds check in fpathconf

this error resulted in an out-of-bounds read, as opposed to a reported
error, when calling the function with an argument one greater than the
max valid index.
---

diff --git a/src/conf/fpathconf.c b/src/conf/fpathconf.c
index 28c4345c..8eb037e6 100644
--- a/src/conf/fpathconf.c
+++ b/src/conf/fpathconf.c
@@ -27,7 +27,7 @@ long fpathconf(int fd, int name)
 		[_PC_SYMLINK_MAX] = SYMLINK_MAX,
 		[_PC_2_SYMLINKS] = 1
 	};
-	if (name > sizeof(values)/sizeof(values[0])) {
+	if (name >= sizeof(values)/sizeof(values[0])) {
 		errno = EINVAL;
 		return -1;
 	}