From 0c80e694709f9411f5eaf96f5b8bddcd1efd2972 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?= <flecaille@haproxy.com>
Date: Tue, 15 Feb 2022 10:27:34 +0100
Subject: [PATCH] MINOR: quic: Possible frame parsers array overrun

This should fix CID 1469663 for GH #1546.
---
 src/quic_frame.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/quic_frame.c b/src/quic_frame.c
index 721b5e02d..0adce4c1f 100644
--- a/src/quic_frame.c
+++ b/src/quic_frame.c
@@ -1094,7 +1094,7 @@ int qc_parse_frm(struct quic_frame *frm, struct quic_rx_packet *pkt,
 	}
 
 	frm->type = *(*buf)++;
-	if (frm->type > QUIC_FT_MAX) {
+	if (frm->type >= QUIC_FT_MAX) {
 		TRACE_DEVEL("wrong frame type", QUIC_EV_CONN_PRSFRM, qc, frm);
 		return 0;
 	}