Fix the test to prevent overflowing the stack buffer for boolean expressions.
Signed-off-by: Stephen Smalley <[email protected]> --- libsepol/cil/src/cil_tree.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/cil/src/cil_tree.c b/libsepol/cil/src/cil_tree.c index 2abbb96c..1b04fe68 100644 --- a/libsepol/cil/src/cil_tree.c +++ b/libsepol/cil/src/cil_tree.c @@ -339,7 +339,7 @@ static int cil_expr_to_string(struct cil_list *expr, char **out) int pos = 0; cil_list_for_each(curr, expr) { - if (pos > COND_EXPR_MAXDEPTH) { + if (pos >= COND_EXPR_MAXDEPTH) { rc = SEPOL_ERR; goto exit; } -- 2.14.3
