From 469d5bb214195d8939be467c66ef1e6d25ad3e1f Mon Sep 17 00:00:00 2001
From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Mon, 8 Feb 2021 08:05:41 -0500
Subject: [PATCH] detct/pcre: Correct capture group count check

This commit corrects the validation check between the number of
variables used and the number of specified capture groups.
---
 src/detect-pcre.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/detect-pcre.c b/src/detect-pcre.c
index c6588ba6ab..2d4a4dc766 100644
--- a/src/detect-pcre.c
+++ b/src/detect-pcre.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2020 Open Information Security Foundation
+/* Copyright (C) 2007-2021 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -723,7 +723,7 @@ static int DetectPcreParseCapture(const char *regexstr, DetectEngineCtx *de_ctx,
     {
         char *ptr = NULL;
         while ((name_array[name_idx] = strtok_r(name_idx == 0 ? capture_names : NULL, " ,", &ptr))){
-            if (name_idx > capture_cnt) {
+            if (name_idx > (capture_cnt - 1)) {
                 SCLogError(SC_ERR_VAR_LIMIT, "more pkt/flow "
                         "var capture names than capturing substrings");
                 return -1;