[libcxx] r343996 - Do the math in uniform_int_distribution::operator() as unsigned to prevent UB when overflowing. Also add a UBSAN notification that we're ffine with unsigned overflow. This fixes PR#32617. Thanks to Vincent & Christoph for their help with this issue.

[Marshall Clow]

Author: marshall
Date: Mon Oct  8 13:20:34 2018
New Revision: 343996

URL: http://llvm.org/viewvc/llvm-project?rev=343996&view=rev
Log:
Do the math in uniform_int_distribution::operator() as unsigned to prevent UB when overflowing. Also add a UBSAN notification that we're ffine with unsigned overflow. This fixes PR#32617. Thanks to Vincent & Christoph for their help with this issue.

Modified:
    libcxx/trunk/include/algorithm

Modified: libcxx/trunk/include/algorithm
URL: http://llvm.org/viewvc/llvm-project/libcxx/trunk/include/algorithm?rev=343996&r1=343995&r2=343996&view=diff
==============================================================================
--- libcxx/trunk/include/algorithm (original)
+++ libcxx/trunk/include/algorithm Mon Oct  8 13:20:34 2018
@@ -2899,10 +2899,11 @@ template<class _IntType>
 template<class _URNG>
 typename uniform_int_distribution<_IntType>::result_type
 uniform_int_distribution<_IntType>::operator()(_URNG& __g, const param_type& __p)
+_LIBCPP_DISABLE_UBSAN_UNSIGNED_INTEGER_CHECK
 {
     typedef typename conditional<sizeof(result_type) <= sizeof(uint32_t),
                                             uint32_t, uint64_t>::type _UIntType;
-    const _UIntType _Rp = __p.b() - __p.a() + _UIntType(1);
+    const _UIntType _Rp = _UIntType(__p.b()) - _UIntType(__p.a()) + _UIntType(1);
     if (_Rp == 1)
         return __p.a();
     const size_t _Dt = numeric_limits<_UIntType>::digits;
@@ -2989,7 +2990,7 @@ random_shuffle(_RandomAccessIterator __f
         {
             difference_type __i = __rand(__d);
             if (__i != difference_type(0))
-	            swap(*__first, *(__first + __i));
+              swap(*__first, *(__first + __i));
         }
     }
 }