From 8647e345635831f65b247a158a6ef6d2c8b254d0 Mon Sep 17 00:00:00 2001
From: Timo Sirainen <timo.sirainen@open-xchange.com>
Date: Fri, 17 Jan 2020 11:30:53 +0200
Subject: [PATCH] lib: Assert-crash on i_rand_limit(0) and add unit tests

---
 src/lib/rand.c        |  4 ++++
 src/lib/test-lib.inc  |  1 +
 src/lib/test-random.c | 27 +++++++++++++++++++++++++++
 3 files changed, 32 insertions(+)

diff --git a/src/lib/rand.c b/src/lib/rand.c
index bdbde4cf16..ff7675dcc6 100644
--- a/src/lib/rand.c
+++ b/src/lib/rand.c
@@ -15,6 +15,8 @@ uint32_t i_rand(void)
 
 uint32_t i_rand_limit(uint32_t upper_bound)
 {
+	i_assert(upper_bound > 0);
+
 	return arc4random_uniform(upper_bound);
 }
 #else
@@ -27,6 +29,8 @@ uint32_t i_rand(void)
 
 uint32_t i_rand_limit(uint32_t upper_bound)
 {
+	i_assert(upper_bound > 0);
+
 	uint32_t val, min = -upper_bound % upper_bound;
 	while((val = i_rand()) < min);
 	return val % upper_bound;
diff --git a/src/lib/test-lib.inc b/src/lib/test-lib.inc
index e83dda4d2e..f05ea9a566 100644
--- a/src/lib/test-lib.inc
+++ b/src/lib/test-lib.inc
@@ -78,6 +78,7 @@ TEST(test_printf_format_fix)
 FATAL(fatal_printf_format_fix)
 TEST(test_priorityq)
 TEST(test_random)
+FATAL(fatal_random)
 TEST(test_seq_range_array)
 TEST(test_stats_dist)
 TEST(test_str)
diff --git a/src/lib/test-random.c b/src/lib/test-random.c
index 6e93b53354..6c83ff6b88 100644
--- a/src/lib/test-random.c
+++ b/src/lib/test-random.c
@@ -34,7 +34,34 @@ static void test_random_median(void)
 	test_end();
 }
 
+static void test_random_limits(void)
+{
+	test_begin("random limits");
+	test_assert(i_rand_limit(1) == 0);
+	test_assert(i_rand_minmax(0, 0) == 0);
+	test_assert(i_rand_minmax(UINT32_MAX, UINT32_MAX) == UINT32_MAX);
+	test_end();
+}
+
 void test_random(void)
 {
 	test_random_median();
+	test_random_limits();
+}
+
+enum fatal_test_state fatal_random(unsigned int stage)
+{
+	switch (stage) {
+	case 0:
+		test_begin("random fatals");
+		test_expect_fatal_string("min_val <= max_val");
+		(void)i_rand_minmax(1, 0);
+		return FATAL_TEST_FAILURE;
+	case 1:
+		test_expect_fatal_string("upper_bound > 0");
+		(void)i_rand_limit(0);
+		return FATAL_TEST_FAILURE;
+	}
+	test_end();
+	return FATAL_TEST_FINISHED;
 }
-- 
2.47.3