apf: Fix bound-checking to allow accessing the last data byte.

Bug: 73804303 Test: runtest -x frameworks/base/tests/net/java/android/net/apf/ApfTest.java Change-Id: I3543eedac5998d6a1b16010b5dc8865e9cc24b5b
author: Bernie Innocenti <codewiz@google.com> 2018-04-02 14:52:50 +0900
committer: Bernie Innocenti <codewiz@google.com> 2018-04-02 18:54:03 +0900
commit: 7024456a1fb07f0a88ed8dbeeba41c21a4a40304 (patch)
tree: a97515a2cb459912a9e0a6cef0e4d295b70d6810 /apf_interpreter.c
parent: 75410970184bf98626342588ba2eabf79cda6d38 (diff)
download: apf-7024456a1fb07f0a88ed8dbeeba41c21a4a40304.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/apf_interpreter.c b/apf_interpreter.c
index f5e0072..e2f46cb 100644
--- a/apf_interpreter.c
+++ b/apf_interpreter.c
@@ -42,7 +42,7 @@ int accept_packet(const uint8_t* program, uint32_t program_len,
 // Is access to offset |p| length |size| within data bounds?
 #define IN_DATA_BOUNDS(p, size) (ENFORCE_UNSIGNED(p) && \
                                  ENFORCE_UNSIGNED(size) && \
-                                 (p) + (size) < data_len && \
+                                 (p) + (size) <= data_len && \
                                  (p) + (size) >= (p))  // catch wraparounds
 // Accept packet if not within program bounds
 #define ASSERT_IN_PROGRAM_BOUNDS(p) ASSERT_RETURN(IN_PROGRAM_BOUNDS(p))
author	Bernie Innocenti <codewiz@google.com>	2018-04-02 14:52:50 +0900
committer	Bernie Innocenti <codewiz@google.com>	2018-04-02 18:54:03 +0900
commit	7024456a1fb07f0a88ed8dbeeba41c21a4a40304 (patch)
tree	a97515a2cb459912a9e0a6cef0e4d295b70d6810 /apf_interpreter.c
parent	75410970184bf98626342588ba2eabf79cda6d38 (diff)
download	apf-7024456a1fb07f0a88ed8dbeeba41c21a4a40304.tar.gz