From 4d05ce8738a24f3abd9e363a93634538243af1be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ion=20Gazta=C3=B1aga?=
Date: Tue, 28 Mar 2017 12:37:22 +0200
Subject: [PATCH] Fix for Ticket #12915: "Buffer overflow in boost::container::vector (affects flat_set)"
---
 include/boost/container/vector.hpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/boost/container/vector.hpp b/include/boost/container/vector.hpp
index 7456ee8..336d616 100644
--- a/include/boost/container/vector.hpp
+++ b/include/boost/container/vector.hpp
@@ -2257,7 +2257,7 @@ class vector
 boost::uintptr_t const capaddr = boost::uintptr_t(this->priv_raw_begin() + c);
 boost::uintptr_t const aligned_addr = (addr + szt_align_mask) & ~szt_align_mask;
 indexes = reinterpret_cast(aligned_addr);
- std::size_t index_capacity = (aligned_addr >= capaddr) ? 0u : (capaddr - addr)/sizeof(size_type);
+ std::size_t index_capacity = (aligned_addr >= capaddr) ? 0u : (capaddr - aligned_addr)/sizeof(size_type);
 //Capacity is constant, we're not going to change it
 if(index_capacity < PosCount){
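Review bot: The corrected `index_capacity` line has no comment explaining why the distance must be measured from `aligned_addr`, and the diffstat shows only vector.hpp changed, so no regression test accompanies this overflow fix. I would add above it `//Only whole size_type slots between aligned_addr and capaddr are usable; the padding before aligned_addr is not`, because measuring from `addr` while storing through `indexes` (which points at `aligned_addr`) can overstate the room by one slot. A regression case that reaches this path through flat_set (named in the ticket title), with an element size that is not a multiple of the size_type alignment, would presumably cover the misaligned case; confirm against the ticket's reproducer. The enclosing function starts and ends outside the hunk, so I cannot check from here how the `index_capacity < PosCount` branch treats `indexes` when it points at or past `capaddr`.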