From f0b4e66ad92b4188b55562043f075c372dcff335 Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Wed, 17 Nov 2021 20:00:29 -0500
Subject: [PATCH] lib/wind: find_normalize read past end of array

find_normalize() can under some circumstances read one element
beyond the input array.  The contents are discarded immediately
without further use.

This change prevents the unintended read.

(cherry picked from commit 357a38fc7fb582ae73f4b7f4a90a4b0b871b149e)

Change-Id: Ia2759a5632d64f7fa6553f879b5bbbf43ba3513e
---
 lib/wind/normalize.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/wind/normalize.c b/lib/wind/normalize.c
index 20e8a4a04beb..8f3991d10ed8 100644
--- a/lib/wind/normalize.c
+++ b/lib/wind/normalize.c
@@ -227,9 +227,9 @@ find_composition(const uint32_t *in, unsigned in_len)
 	unsigned i;
 
 	if (n % 5 == 0) {
-	    cur = *in++;
 	    if (in_len-- == 0)
 		return c->val;
+	    cur = *in++;
 	}
 
 	i = cur >> 16;
-- 
2.38.1