<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/61921>61921</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            [Clang] String access could result in out-of-bound read in ASTWriter.cpp
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          ustchcs-bugfinder
      </td>
    </tr>
</table>

<pre>
    https://github.com/llvm/llvm-project/blob/50b2a113db197a97f60ad2aace8b7382dc9b8c31/clang/lib/Serialization/ASTWriter.cpp#L1086

```cpp
static const char *
adjustFilenameForRelocatableAST(const char *Filename, StringRef BaseDir) {
  assert(Filename && "No file name to adjust?");

  if (BaseDir.empty())
    return Filename;

  // Verify that the filename and the system root have the same prefix.
 unsigned Pos = 0;
  for (; Filename[Pos] && Pos < BaseDir.size(); ++Pos) -->  L1086 
    if (Filename[Pos] != BaseDir[Pos])
      return Filename; // Prefixes don't match.
```

The condition on L1086 supposes `Filename` is longer than `BaseDir`. 

The following code could be better if the assumption is not always true. 

```cpp
  for (; Pos < Filename.size()  && Pos < BaseDir.size() && Filename[Pos] ; ++Pos) 
```
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJyUVF2P6jYQ_TXDy4jImZDgPPCwLM1TVa3urtpnx5kQX5kY2c695f76yoHsLnSlqhICaTwfZ84ZjgrBHEfmHZR7KA8rNcXB-d0Uoh50WLfTsTdjx37Vuu6yG2I8ByiegBqg5mjiMLWZdiegxtofy8_67N131hGoaa1rgZpStKTyvOjavN6qettXQnWklGbZbgtJna5bqYscqNFWjcfUyKTCV_ZGWfNLReNGoObp9e0vbyL7TJ_PQMXvuZAViAOIp9t3Ja6f9D5HQlTRaNRuDBH1oDwC3ZJV930KsTGWR3XixvlvbJ1WUbWWn17fgOR91ZIJ9Iyv0Zvx-I173KvAB-OBaoTt_toZUYXAPgLJpQiBKqAKgegPh72xjHM4OrzigKIBIqAaiv3nlRBNj0DyNifj0zlegGTKpHrJQfQcJz_iO8jHLlfR8E_2pr9gHFTEOPCMZAaixm4OhEuIfELvXMRB_eBrMGWcPffm7-zWcBrn0-nwxQWE4oDifSRi7xJjEor9B6By_-IClIeFiWvd80JgFswvvu1V7BFoDzRXUI3rNRS_Ic5y48fKV2K-GpAnQIsyS_yOrq8IWzh6mRflgF26um3Ek4p6yB5O7DO9bwOnE-tMOlR04w1qmM5nFzggVOJ9TiXQBLRuPLJPOozpdcFaiQwfG_fOWvfTjEfUrktzJtthy9hyjOwTC0kiFcJ0Os_zTcDRRVT2p7oEjH7i-6b__pfcKbYIsyD-pAz-t3hLxheyPMr6gGbV7YquLmq14l1eSVHKqq7Eathxoakl6spe8TYnVbKQGy1zJbd1l-f9yuxIUCE2YiPKDW1EJotNTqXspeyKvpQb2Ag-KWOzZFCZ88eVCWHiXZXXlK-satmGxQP9bnaxdjoG2AhrQgwfZdFEO7vl82xU5eHmBKi05hBu4ngOk41oRnRTXLt-3bppTGHVpeCdja0mb_-_s87wA1Azb_BPAAAA__9AP7uI">