lib: ipset: Avoid 'argv' array overstepping

The maximum accepted value for 'argc' is MAX_ARGS which matches 'argv'
array size. The maximum allowed array index is therefore argc-1.

This fix will leave items in argv non-NULL-terminated, so explicitly
NULL the formerly last entry after shifting.

Looks like a day-1 bug. Interestingly, this neither triggered ASAN nor
valgrind. Yet adding debug output printing argv entries being copied
did.

Fixes: 1e6e8bd9a62aa ("Third stage to ipset-5")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>

0 files changed, 0 insertions, 0 deletions