r177201 - Fix buffer underrun (invalid read) triggered during diagnostic rendering. The test would overflow when computing '0 - 1'.
Ted Kremenek
kremenek at apple.com
Fri Mar 15 16:09:38 PDT 2013
Author: kremenek
Date: Fri Mar 15 18:09:37 2013
New Revision: 177201
URL: http://llvm.org/viewvc/llvm-project?rev=177201&view=rev
Log:
Fix buffer underrun (invalid read) triggered during diagnostic rendering. The test would overflow when computing '0 - 1'.
I don't have a good testcase for this that does not depend on system headers.
It did not trigger with preprocessed output, and I had trouble reducing the example.
Fixes <rdar://problem/13324594>.
Thanks to Michael Greiner for reporting this issue.
Modified:
cfe/trunk/lib/Frontend/TextDiagnostic.cpp
Modified: cfe/trunk/lib/Frontend/TextDiagnostic.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Frontend/TextDiagnostic.cpp?rev=177201&r1=177200&r2=177201&view=diff
==============================================================================
--- cfe/trunk/lib/Frontend/TextDiagnostic.cpp (original)
+++ cfe/trunk/lib/Frontend/TextDiagnostic.cpp Fri Mar 15 18:09:37 2013
@@ -958,7 +958,7 @@ static void highlightRange(const CharSou
// Pick the last non-whitespace column.
if (EndColNo > map.getSourceLine().size())
EndColNo = map.getSourceLine().size();
- while (EndColNo-1 &&
+ while (EndColNo &&
(map.getSourceLine()[EndColNo-1] == ' ' ||
map.getSourceLine()[EndColNo-1] == '\t'))
EndColNo = map.startOfPreviousColumn(EndColNo);
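Review bot: in the loop condition `while (EndColNo &&`, the new guard changes behaviour at EndColNo == 1 as well as at the EndColNo == 0 case the log describes. With the old `EndColNo-1 &&` guard the loop stopped at EndColNo == 1 without examining index 0. It now tests map.getSourceLine()[0] and, if that character is a space or tab, calls map.startOfPreviousColumn(1), so EndColNo can leave the loop as 0 when the range is all whitespace. Please confirm that startOfPreviousColumn is well defined for that argument and that the code following the loop tolerates EndColNo == 0. A one-line comment or an assert stating that EndColNo-1 is only used as an index when EndColNo is nonzero would keep the guard from being "simplified" back later. Since the log says no test case is included, a follow-up test with a highlighted range that ends in a whitespace-only source line would cover both boundaries.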