From c80f88a94e965cc4bf52588cfc105376b2fee35a Mon Sep 17 00:00:00 2001
From: "Michael J. Spencer" <bigcheesegs@gmail.com>
Date: Wed, 2 Oct 2013 23:21:07 +0000
Subject: [Core]  Fix heap overflow in LayoutPass.

Found this with asan. Code assumes that find doesn't return end, thus if
both atoms didn't have followon roots it would still compare their positions.

llvm-svn: 191865
---
 lld/lib/Passes/LayoutPass.cpp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'lld/lib/Passes/LayoutPass.cpp')

diff --git a/lld/lib/Passes/LayoutPass.cpp b/lld/lib/Passes/LayoutPass.cpp
index b116496e036..c4c8fb9c33e 100644
--- a/lld/lib/Passes/LayoutPass.cpp
+++ b/lld/lib/Passes/LayoutPass.cpp
@@ -56,10 +56,12 @@ bool LayoutPass::CompareAtoms::operator()(const DefinedAtom *left,
 
   // Sort atoms by their ordinal overrides only if they fall in the same
   // chain.
-  const DefinedAtom *leftAtom = _layout._followOnRoots.find(left)->second;
-  const DefinedAtom *rightAtom = _layout._followOnRoots.find(right)->second;
+  auto leftAtom = _layout._followOnRoots.find(left);
+  auto rightAtom = _layout._followOnRoots.find(right);
 
-  if (leftAtom == rightAtom) {
+  if (leftAtom != _layout._followOnRoots.end() &&
+      rightAtom != _layout._followOnRoots.end() &&
+      leftAtom->second == rightAtom->second) {
     if ((lPos != end) && (rPos != end)) {
       return lPos->second < rPos->second;
     }
-- 
cgit v1.2.3