commit a69f8d70 ("ptrlist: use ptr_list_nth() instead of linearize_ptr_\ list()", 2021-02-14) replaced a call to a local helper with a more generic ptr_list function. The local function, argument(), was used to retrieve the 'argno' argument to a function call, counting the arguments from one. This call was replaced by the generic ptr_list_nth() function, which accessed the ptr_list counting from zero. The 'argno' passed to the call to argument() was 3 (the byte count), which when passed to ptr_list_nth() was attempting to access the 4th (non-existent) argument. (The resulting null pointer was then passed to check_byte_count() function, which had an null-pointer check and so did not dereference the null pointer). This effectively disabled the memcpy-max-count check. In order to fix the check, change the 'argno' of 3 to the 'index' of 2. Also, add a simple regression test. Signed-off-by: Ramsay Jones <ramsay@ramsayjones.plus.com> Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>