From 49125fbf794508efdb71a4f6f18a4bc324bd76ab Mon Sep 17 00:00:00 2001
From: "Andrew J. Schorr" <aschorr@telemetry-investments.com>
Date: Tue, 14 Jan 2020 09:26:31 -0500
Subject: Fix cint off-by-one array bounds overflow check for NHAT set in the
 environment.

---
 cint_array.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'cint_array.c')

diff --git a/cint_array.c b/cint_array.c
index 417f27d5..d7171ac8 100644
--- a/cint_array.c
+++ b/cint_array.c
@@ -175,7 +175,7 @@ cint_array_init(NODE *symbol ATTRIBUTE_UNUSED, NODE *subs ATTRIBUTE_UNUSED)
 		if ((newval = getenv_long("NHAT")) > 1 && newval < INT32_BIT)
 			NHAT = newval;
 		/* don't allow overflow off the end of the table */
-		if (NHAT >= nelems)
+		if (NHAT > nelems - 2)
 			NHAT = nelems - 2;
 		THRESHOLD = power_two_table[NHAT + 1];
 	} else
-- 
cgit v1.2.1