From 90d7fa12d0814bca69f95d2c4829391a6cb3935b Mon Sep 17 00:00:00 2001
From: Ted Kremenek <kremenek@apple.com>
Date: Fri, 15 Mar 2013 23:09:37 +0000
Subject: Fix buffer underrun (invalid read) triggered during diagnostic
 rendering.  The test would overflow when computing '0 - 1'.

I don't have a good testcase for this that does not depend on system headers.
It did not trigger with preprocessed output, and I had trouble reducing the example.

Fixes <rdar://problem/13324594>.

Thanks to Michael Greiner for reporting this issue.

llvm-svn: 177201
---
 clang/lib/Frontend/TextDiagnostic.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'clang/lib/Frontend/TextDiagnostic.cpp')

diff --git a/clang/lib/Frontend/TextDiagnostic.cpp b/clang/lib/Frontend/TextDiagnostic.cpp
index c9724612419..ca4ad60c524 100644
--- a/clang/lib/Frontend/TextDiagnostic.cpp
+++ b/clang/lib/Frontend/TextDiagnostic.cpp
@@ -958,7 +958,7 @@ static void highlightRange(const CharSourceRange &R,
     // Pick the last non-whitespace column.
     if (EndColNo > map.getSourceLine().size())
       EndColNo = map.getSourceLine().size();
-    while (EndColNo-1 &&
+    while (EndColNo &&
            (map.getSourceLine()[EndColNo-1] == ' ' ||
             map.getSourceLine()[EndColNo-1] == '\t'))
       EndColNo = map.startOfPreviousColumn(EndColNo);
-- 
cgit v1.2.3