An n-sized pool, or a pool with n entries, doesn't include index n, only up to n - 1. I'm not entirely sure this sanity check actually covers any practical case, but I spotted this while debugging a hang in tap4_handler() (possibly due to malformed sequence entries from qemu). Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com> --- packet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packet.c b/packet.c index 3f82e84..d1ff998 100644 --- a/packet.c +++ b/packet.c @@ -87,7 +87,7 @@ void packet_add_do(struct pool *p, size_t len, const char *start, void *packet_get_do(const struct pool *p, size_t index, size_t offset, size_t len, size_t *left, const char *func, int line) { - if (index > p->size || index > p->count) { + if (index >= p->size || index >= p->count) { if (func) { trace("packet %lu from pool size: %lu, count: %lu, " "%s:%i", index, p->size, p->count, func, line); -- 2.35.1