git: f67468e6e5e2 - releng/14.1 - libnv: correct the calculation of the structure's size

The branch releng/14.1 has been updated by gordon:

URL: https://cgit.FreeBSD.org/src/commit/?id=f67468e6e5e27661e18561a3bcff9448d055b95e

commit f67468e6e5e27661e18561a3bcff9448d055b95e
Author:     Mariusz Zaborski <oshogbo@FreeBSD.org>
AuthorDate: 2024-09-11 14:43:43 +0000
Commit:     Gordon Tetlow <gordon@FreeBSD.org>
CommitDate: 2024-09-19 13:10:29 +0000

    libnv: correct the calculation of the structure's size
    
    Reported by:    Milosz Kaniewski <milosz.kaniewski@gmail.com>
    Approved by:    so
    Security:       FreeBSD-SA-24:16.libnv
    Security:       CVE-2024-45287
    
    (cherry picked from commit 7f4731ab67f1d3345aee6626eb83cc5ce00010f0)
    (cherry picked from commit 056c50c48be3e3828ef740d2fcce988a545e52aa)
---
 sys/contrib/libnv/nvlist.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/contrib/libnv/nvlist.c b/sys/contrib/libnv/nvlist.c
index 64078b10973e..92d6e655876a 100644
--- a/sys/contrib/libnv/nvlist.c
+++ b/sys/contrib/libnv/nvlist.c
@@ -1029,7 +1029,7 @@ static bool
 nvlist_check_header(struct nvlist_header *nvlhdrp)
 {
 
-	if (nvlhdrp->nvlh_size > SIZE_MAX - sizeof(nvlhdrp)) {
+	if (nvlhdrp->nvlh_size > SIZE_MAX - sizeof(*nvlhdrp)) {
 		ERRNO_SET(EINVAL);
 		return (false);
 	}