diff options
| author | Ted Kremenek <kremenek@apple.com> | 2013-03-15 23:09:37 +0000 |
|---|---|---|
| committer | Ted Kremenek <kremenek@apple.com> | 2013-03-15 23:09:37 +0000 |
| commit | 316dd5467bed9242088149fe92f3316ef4f235e9 (patch) | |
| tree | 1a099b418e046dafcf8cf7c6e7c35ae2d46371d9 /lib/Frontend/TextDiagnostic.cpp | |
| parent | 9cc3ed4e4d7f25b1af8ba7b85d324a0bb8747640 (diff) | |
Fix buffer underrun (invalid read) triggered during diagnostic rendering. The test would overflow when computing '0 - 1'.
I don't have a good testcase for this that does not depend on system headers.
It did not trigger with preprocessed output, and I had trouble reducing the example.
Fixes <rdar://problem/13324594>.
Thanks to Michael Greiner for reporting this issue.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177201 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/Frontend/TextDiagnostic.cpp')
| -rw-r--r-- | lib/Frontend/TextDiagnostic.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/Frontend/TextDiagnostic.cpp b/lib/Frontend/TextDiagnostic.cpp index c972461241..ca4ad60c52 100644 --- a/lib/Frontend/TextDiagnostic.cpp +++ b/lib/Frontend/TextDiagnostic.cpp @@ -958,7 +958,7 @@ static void highlightRange(const CharSourceRange &R, // Pick the last non-whitespace column. if (EndColNo > map.getSourceLine().size()) EndColNo = map.getSourceLine().size(); - while (EndColNo-1 && + while (EndColNo && (map.getSourceLine()[EndColNo-1] == ' ' || map.getSourceLine()[EndColNo-1] == '\t')) EndColNo = map.startOfPreviousColumn(EndColNo); |