Fix improper dereference of end() iterator. Patch by Argiris Kirtzidis!
llvm-svn: 50012
diff --git a/clang/lib/Analysis/ExplodedGraph.cpp b/clang/lib/Analysis/ExplodedGraph.cpp
index 3788551..c184d1e 100644
--- a/clang/lib/Analysis/ExplodedGraph.cpp
+++ b/clang/lib/Analysis/ExplodedGraph.cpp
@@ -80,8 +80,11 @@
if (getKind() == Size1)
return (ExplodedNodeImpl**) (getPtr() ? &P+1 : NULL);
- else
- return const_cast<ExplodedNodeImpl**>(&*(getVector(getPtr()).end()));
+ else {
+ // Dereferencing end() is undefined behaviour. The vector is not empty, so
+ // we can dereference the last elem (end()-1) and then add 1 to the result.
+ return const_cast<ExplodedNodeImpl**>(&*(getVector(getPtr()).end()-1)) + 1;
+ }
}
ExplodedNodeImpl::NodeGroup::~NodeGroup() {
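Review bot: The new `else` branch relies on the vector being non-empty, but that invariant is stated only in the comment; on an empty vector `end()-1` is just as undefined as the `&*end()` it replaces. Enforcing it right before the return, e.g. `assert(!getVector(getPtr()).empty() && "NodeGroup vector must not be empty");`, would turn a violated assumption into a debug-build failure instead of a silently computed out-of-bounds pointer. This presumes the object returned by getVector() offers `empty()`, as a std::vector would; its type is not visible here. The enclosing function's signature lies outside the hunk, so whether callers already guarantee the invariant cannot be confirmed from this page.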