Fix improper dereference of end() iterator. Patch by Argiris Kirtzidis!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50012 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/Analysis/ExplodedGraph.cpp b/lib/Analysis/ExplodedGraph.cpp
index 3788551..c184d1e 100644
--- a/lib/Analysis/ExplodedGraph.cpp
+++ b/lib/Analysis/ExplodedGraph.cpp
@@ -80,8 +80,11 @@
if (getKind() == Size1)
return (ExplodedNodeImpl**) (getPtr() ? &P+1 : NULL);
- else
- return const_cast<ExplodedNodeImpl**>(&*(getVector(getPtr()).end()));
+ else {
+ // Dereferencing end() is undefined behaviour. The vector is not empty, so
+ // we can dereference the last elem (end()-1) and then add 1 to the result.
+ return const_cast<ExplodedNodeImpl**>(&*(getVector(getPtr()).end()-1)) + 1;
+ }
}
ExplodedNodeImpl::NodeGroup::~NodeGroup() {