The function split_sci_entry could produce empty lists, which can
cause illegal memory access or incorrect energies. Before commit
6106367b this bug was never triggered, since nsp_max was never smaller
than a full cj4 entry. But 6106367b introduced a bug that could
produce negative nsp_max.
Fixes #1767.
Change-Id: I2007cf6851f94f4f2ca62f609a0628725014dbe7
nsp_cj4 += (nbl->cj4[cj4].imei[0].imask >> p) & 1;
}
- if (nsp_cj4 > 0 && nsp + nsp_cj4 > nsp_max)
+ /* Check if we should split at this cj4 to get a list of size nsp */
+ if (nsp > 0 && nsp + nsp_cj4 > nsp_max)
{
/* Split the list at cj4 */
nbl->sci[sci].cj4_ind_end = cj4;
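
Review bot: The new comment above `if (nsp > 0 && nsp + nsp_cj4 > nsp_max)` does not explain the `nsp > 0` guard, which is the actual fix. Suggest stating the invariant directly: a split is only made when the list built so far is non-empty, so a single cj4 that exceeds nsp_max (or a negative nsp_max) can never produce an empty list. Note also that with `nsp_cj4 > 0` dropped, a cj4 with no mask bits set can now become the split point whenever nsp already exceeds nsp_max; please confirm that is intended. Since the commit message says nsp_max can go negative, consider clamping or asserting it where it is computed as well, so that this condition is not the only thing standing between a bad nsp_max and an out-of-bounds access.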