[compiler-rt] [xray] Fix oob memory access in FDR BufferQueue iterator. (PR #90940)

[Ricky Zhou via llvm-commits]

https://github.com/rickyz updated https://github.com/llvm/llvm-project/pull/90940

>From fa41e53182c93634552cb9add2ebddb31bd9d7f2 Mon Sep 17 00:00:00 2001
From: Ricky Zhou <ricky at rzhou.org>
Date: Thu, 2 May 2024 22:54:50 -0700
Subject: [PATCH] [xray] Fix oob memory access in FDR BufferQueue iterator.

Before this change, the FDR BufferQueue iterator could access oob memory
due to checks of the form `!Buffers[Offset].Used && Offset != Max`. This
can potentially access `Buffers[Max]`, which is past the end of the
`Buffers` array. Fix this by testing `Offset != Max` first.
---
 compiler-rt/lib/xray/xray_buffer_queue.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/compiler-rt/lib/xray/xray_buffer_queue.h b/compiler-rt/lib/xray/xray_buffer_queue.h
index e1739d050f3d0d..8d33f73576b5e2 100644
--- a/compiler-rt/lib/xray/xray_buffer_queue.h
+++ b/compiler-rt/lib/xray/xray_buffer_queue.h
@@ -87,7 +87,7 @@ class BufferQueue {
       DCHECK_NE(Offset, Max);
       do {
         ++Offset;
-      } while (!Buffers[Offset].Used && Offset != Max);
+      } while (Offset != Max && !Buffers[Offset].Used);
       return *this;
     }
 
@@ -107,7 +107,7 @@ class BufferQueue {
           Max(M) {
       // We want to advance to the first Offset where the 'Used' property is
       // true, or to the end of the list/queue.
-      while (!Buffers[Offset].Used && Offset != Max) {
+      while (Offset != Max && !Buffers[Offset].Used) {
         ++Offset;
       }
     }