gprs_cipher_core: Fix potential buffer overflows
detected by Smatch
diff --git a/src/gsm/gprs_cipher_core.c b/src/gsm/gprs_cipher_core.c
index 7884be0..b9a22a1 100644
--- a/src/gsm/gprs_cipher_core.c
+++ b/src/gsm/gprs_cipher_core.c
@@ -36,7 +36,7 @@
/* register a cipher with the core */
int gprs_cipher_register(struct gprs_cipher_impl *ciph)
{
- if (ciph->algo > ARRAY_SIZE(selected_ciphers))
+ if (ciph->algo >= ARRAY_SIZE(selected_ciphers))
return -ERANGE;
llist_add_tail(&ciph->list, &gprs_ciphers);
@@ -60,7 +60,7 @@
int gprs_cipher_run(uint8_t *out, uint16_t len, enum gprs_ciph_algo algo,
uint64_t kc, uint32_t iv, enum gprs_cipher_direction dir)
{
- if (algo > ARRAY_SIZE(selected_ciphers))
+ if (algo >= ARRAY_SIZE(selected_ciphers))
return -ERANGE;
if (!selected_ciphers[algo])
@@ -75,7 +75,7 @@
int gprs_cipher_supported(enum gprs_ciph_algo algo)
{
- if (algo > ARRAY_SIZE(selected_ciphers))
+ if (algo >= ARRAY_SIZE(selected_ciphers))
return -ERANGE;
if (selected_ciphers[algo])