t-prio-queue: check result array bounds

Avoid reading past the end of the "result" array, which could otherwise
happen if the prio-queue were to yield more items than were put into it
due to an implementation bug, or if the array has not enough entries due
to a test bug.

Also check at the end whether all "result" entries were consumed, which
would not be the case if the prio-queue forgot some entries or the test
definition contained too many.

Signed-off-by: René Scharfe <l.s.r@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/t/unit-tests/t-prio-queue.c b/t/unit-tests/t-prio-queue.c
index 616d0fc86f52ec596451e66ec270228921d3539d..535834636131872b6f6f45bccea9a4bc868e31f2 100644 (file)
--- a/t/unit-tests/t-prio-queue.c
+++ b/t/unit-tests/t-prio-queue.c
@@ -19,11 +19,13 @@ static int show(int *v)
        return v ? *v : MISSING;
 }
 
-static void test_prio_queue(int *input, int *result, size_t input_size)
+static void test_prio_queue(int *input, size_t input_size,
+                           int *result, size_t result_size)
 {
        struct prio_queue pq = { intcmp };
+       int j = 0;
 
-       for (int i = 0, j = 0; i < input_size; i++) {
+       for (int i = 0; i < input_size; i++) {
                void *peek, *get;
                switch(input[i]) {
                case GET:
@@ -31,6 +33,8 @@ static void test_prio_queue(int *input, int *result, size_t input_size)
                        get = prio_queue_get(&pq);
                        if (!check(peek == get))
                                return;
+                       if (!check_uint(j, <, result_size))
+                               break;
                        if (!check_int(result[j], ==, show(get)))
                                test_msg("      j: %d", j);
                        j++;
@@ -40,6 +44,8 @@ static void test_prio_queue(int *input, int *result, size_t input_size)
                                get = prio_queue_get(&pq);
                                if (!check(peek == get))
                                        return;
+                               if (!check_uint(j, <, result_size))
+                                       break;
                                if (!check_int(result[j], ==, show(get)))
                                        test_msg("      j: %d", j);
                                j++;
@@ -56,6 +62,7 @@ static void test_prio_queue(int *input, int *result, size_t input_size)
                        break;
                }
        }
+       check_uint(j, ==, result_size);
        clear_prio_queue(&pq);
 }
 
@@ -79,7 +86,8 @@ static void test_prio_queue(int *input, int *result, size_t input_size)
 {                                                              \
        int input[] = {INPUT};                                  \
        int result[] = {RESULT};                                \
-       test_prio_queue(input, result, ARRAY_SIZE(input));      \
+       test_prio_queue(input, ARRAY_SIZE(input),               \
+                       result, ARRAY_SIZE(result));            \
 }
 
 TEST_INPUT(BASIC_INPUT, BASIC_RESULT, basic)