From c8a7165f582c322628a9b07fc7e01d0aab184b48 Mon Sep 17 00:00:00 2001 From: Steven Siloti Date: Sun, 30 Mar 2014 21:20:26 -0700 Subject: [PATCH] sd-rtnl: fix off-by-one Also fix type parameter passed to new0 --- src/libsystemd/sd-rtnl/rtnl-message.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c index 526518409..4ace94ce1 100644 --- a/src/libsystemd/sd-rtnl/rtnl-message.c +++ b/src/libsystemd/sd-rtnl/rtnl-message.c @@ -911,11 +911,11 @@ int rtnl_message_parse(sd_rtnl_message *m, unsigned short type; size_t *tb; - tb = (size_t *) new0(size_t *, max); + tb = new0(size_t, max + 1); if(!tb) return -ENOMEM; - *rta_tb_size = max; + *rta_tb_size = max + 1; for (; RTA_OK(rta, rt_len); rta = RTA_NEXT(rta, rt_len)) { type = rta->rta_type; -- 2.30.2