From: Reid Kleckner <reid@kleckner.net>
Date: Wed, 23 Jul 2014 23:24:25 +0000 (+0000)
Subject: Add a missing Invalid check to SubobjectDesignator::isOnePastEnd()
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ee41dd0f7cc73a0ed02191a9b064c2de63ac8ccf;p=clang

Add a missing Invalid check to SubobjectDesignator::isOnePastEnd()

The class seems to have an invariant that Entries is non-empty if
Invalid is false.  It appears this method was previously private, and
all internal uses checked Invalid.  Now there is an external caller, so
check Invalid to avoid array OOB underflow.

Fixes PR20420.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@213816 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/AST/ExprConstant.cpp b/lib/AST/ExprConstant.cpp
index b1d2265872..11789aa037 100644
--- a/lib/AST/ExprConstant.cpp
+++ b/lib/AST/ExprConstant.cpp
@@ -201,6 +201,8 @@ namespace {
 
     /// Determine whether this is a one-past-the-end pointer.
     bool isOnePastTheEnd() const {
+      if (Invalid)
+        return false;
       if (IsOnePastTheEnd)
         return true;
       if (MostDerivedArraySize &&
diff --git a/test/SemaCXX/warn-global-constructors.cpp b/test/SemaCXX/warn-global-constructors.cpp
index 90d8558666..856826414a 100644
--- a/test/SemaCXX/warn-global-constructors.cpp
+++ b/test/SemaCXX/warn-global-constructors.cpp
@@ -120,3 +120,9 @@ namespace pr19253 {
   };
   E e;
 }
+
+namespace pr20420 {
+// No warning is expected. This used to crash.
+void *array_storage[1];
+const int &global_reference = *(int *)array_storage;
+}