From dfcad9d12cfecc6e4f86b4d8d45b79c5a631854e Mon Sep 17 00:00:00 2001
From: Alan Jowett <alanjo@microsoft.com>
Date: Mon, 22 Apr 2024 09:34:14 -0700
Subject: [PATCH] Validate jump target before updating vm->int_funcs (#432)

Signed-off-by: Alan Jowett <alan.jowett@microsoft.com>
Co-authored-by: Alan Jowett <alan.jowett@microsoft.com>
---
 vm/ubpf_vm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vm/ubpf_vm.c b/vm/ubpf_vm.c
index 2052a2bc..00ac2c20 100644
--- a/vm/ubpf_vm.c
+++ b/vm/ubpf_vm.c
@@ -1065,7 +1065,7 @@ validate(const struct ubpf_vm* vm, const struct ebpf_inst* insts, uint32_t num_i
                 }
             } else if (inst.src == 1) {
                 int call_target = i + (inst.imm + 1);
-                if (call_target < 0 || call_target > num_insts) {
+                if (call_target < 0 || call_target >= num_insts) {
                     *errmsg =
                         ubpf_error("call to local function (at PC %d) is out of bounds (target: %d)", i, call_target);
                     return false;