From 938e05689605fb4138bfc886e4677204bc38df41 Mon Sep 17 00:00:00 2001
From: Denis Kenzior <denkenz@gmail.com>
Date: Fri, 14 Jan 2022 09:48:48 -0600
Subject: [PATCH] erp: Avoid potential overflow

When checking that the length is valid, avoid potentially overflowing
'start + len'
---
 src/erp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/erp.c b/src/erp.c
index 93fcaa94..e7c5fe86 100644
--- a/src/erp.c
+++ b/src/erp.c
@@ -131,7 +131,7 @@ static bool erp_tlv_iter_next(struct erp_tlv_iter *iter)
 	else
 		len = 4;
 
-	if (tlv + len > end)
+	if (len > end - tlv)
 		return false;
 
 	iter->tag = tag;