[PATCH 05/11] hornet: gen_sig: fix off-by-one check for used maps
Paul Moore
paul at paul-moore.com
Thu May 28 21:22:38 UTC 2026
On Wed, May 27, 2026 at 11:09 PM Blaise Boscaccy
<bboscaccy at linux.microsoft.com> wrote:
>
> A logic bug limited the maximum number of used maps to
> MAX_USED_MAPS-1.
Should this be MAX_HASHES-1 and not MAX_USED_MAPS-1?
> Signed-off-by: Blaise Boscaccy <bboscaccy at linux.microsoft.com>
> ---
> scripts/hornet/gen_sig.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/scripts/hornet/gen_sig.c b/scripts/hornet/gen_sig.c
> index b4f983ab24bcd..4e8caad22f381 100644
> --- a/scripts/hornet/gen_sig.c
> +++ b/scripts/hornet/gen_sig.c
> @@ -317,11 +317,11 @@ int main(int argc, char **argv)
> data_path = optarg;
> break;
> case 'A':
> - hashes[hash_count].file = optarg;
> - if (++hash_count >= MAX_HASHES) {
> + if (hash_count >= MAX_HASHES) {
> usage(argv[0]);
> return EXIT_FAILURE;
> }
> + hashes[hash_count++].file = optarg;
> break;
> default:
> usage(argv[0]);
> --
> 2.53.0
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list