bugfix:修复扫描TUNNEL_ENDPOINT越界问题

1 files changed, 2 insertions, 3 deletions

diff --git a/platform/src/verify_matcher.cpp b/platform/src/verify_matcher.cpp
index 2dbe91f..e455c9f 100644
--- a/platform/src/verify_matcher.cpp
+++ b/platform/src/verify_matcher.cpp
@@ -147,7 +147,7 @@ struct policy_scan_ctx
 
 	int tunnel_endpoint_x;
 	int bool_id_array_idx;
-    unsigned long long bool_id_array[128];
+    unsigned long long bool_id_array[256];
 
 	int isExclusion;
 	struct ip_data_ctx ip_ctx;
@@ -322,7 +322,6 @@ static int get_column_num(const char* line)
 	return i;
 }
 
-
 void ip_location_table_new_cb(const char *table_name, int table_id, const char* key, const char* table_line, void **ad, long argl, void* argp)
 {
 	int ret=0,profile_id=0,is_valid=0;
@@ -1510,7 +1509,7 @@ int policy_verify_scan_tunnel_id(long long *result, struct ip_addr *sip, int hit
 	struct tunnel_data_ctx *endpoint_data[TUNNEL_BOOL_ID_MAX];
 
 	ret=maat_ip_plugin_table_get_ex_data(g_policy_rt->feather[vsys_id], g_policy_rt->profile_table_id[POLICY_TUNNEL_ENDPOINT], sip, (void **)&endpoint_data, TUNNEL_BOOL_ID_MAX);
-	for(i=0; i<ret && i<TUNNEL_BOOL_ID_MAX && ctx->bool_id_array_idx < TUNNEL_BOOL_ID_MAX; i++)
+	for(i=0; i<ret && i<TUNNEL_BOOL_ID_MAX; i++)
 	{
 		ctx->bool_id_array[ctx->bool_id_array_idx]=(long long)endpoint_data[i]->id;
 		ctx->bool_id_array_idx++;