1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
/* Copyright 2018 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Test the buffer handling of HDMI CEC
*/
#include <string.h>
#include "cec.h"
#include "test_util.h"
struct overflow_msg {
struct cec_msg_transfer transfer;
uint8_t overflow_detector;
} overflow_msg;
/* Ensure the overflow detector is located directly after the buffer */
BUILD_ASSERT(offsetof(struct overflow_msg, overflow_detector) ==
offsetof(struct cec_msg_transfer, buf) + MAX_CEC_MSG_LEN);
struct overflow_queue {
struct cec_rx_queue queue;
uint8_t overflow_detector[CEC_RX_BUFFER_SIZE];
} overflow_queue;
/* Ensure the overflow detector is located directly after the buffer */
BUILD_ASSERT(offsetof(struct overflow_queue, overflow_detector) ==
offsetof(struct cec_rx_queue, buf) + CEC_RX_BUFFER_SIZE);
static struct cec_rx_queue *queue;
/* Tests */
static int test_msg_overflow(void)
{
int i;
/* Overwrite the buffer by 1 byte */
for (i = 0; i < (MAX_CEC_MSG_LEN+1)*8; i++) {
cec_transfer_set_bit(&overflow_msg.transfer, 1);
cec_transfer_inc_bit(&overflow_msg.transfer);
}
/* Make sure we actually wrote the whole buffer with ones */
for (i = 0; i < MAX_CEC_MSG_LEN; i++)
TEST_ASSERT(overflow_msg.transfer.buf[i] == 0xff);
/* Verify that the attempt to overflow the buffer did not succeed */
TEST_ASSERT(overflow_msg.overflow_detector == 0);
/* The full indicator is when byte reaches MAX_CEC_MSG_LEN */
TEST_ASSERT(overflow_msg.transfer.byte == MAX_CEC_MSG_LEN);
/* Check that the indicator stays the same if we write another byte */
for (i = 0; i < 8; i++) {
cec_transfer_set_bit(&overflow_msg.transfer, 1);
cec_transfer_inc_bit(&overflow_msg.transfer);
}
TEST_ASSERT(overflow_msg.transfer.byte == MAX_CEC_MSG_LEN);
return EC_SUCCESS;
}
static int verify_no_queue_overflow(void)
{
int i;
for (i = 0; i < CEC_RX_BUFFER_SIZE; i++) {
if (overflow_queue.overflow_detector[i] != 0)
return EC_ERROR_OVERFLOW;
}
return EC_SUCCESS;
}
static void clear_queue(void)
{
memset(queue, 0, sizeof(struct cec_rx_queue));
}
static int fill_queue(uint8_t *msg, int msg_size)
{
int i;
/*
* Fill the queue. Every push adds the message and one extra byte for
* the length field. The maximum data we can add is one less than
* CEC_RX_BUFFER_SIZE since write_pointer==read_pointer is used to
* indicate an empty buffer
*/
clear_queue();
for (i = 0; i < (CEC_RX_BUFFER_SIZE - 1)/(msg_size + 1); i++)
TEST_ASSERT(cec_rx_queue_push(queue, msg, msg_size) == 0);
/* Now the queue should be full */
TEST_ASSERT(cec_rx_queue_push(queue, msg, msg_size) ==
EC_ERROR_OVERFLOW);
/* Verify nothing was written outside of the queue */
TEST_ASSERT(verify_no_queue_overflow() == EC_SUCCESS);
return EC_SUCCESS;
}
static int test_queue_overflow(void)
{
uint8_t msg[CEC_RX_BUFFER_SIZE];
memset(msg, 0xff, sizeof(msg));
TEST_ASSERT(fill_queue(msg, 1) == EC_SUCCESS);
TEST_ASSERT(fill_queue(msg, 2) == EC_SUCCESS);
TEST_ASSERT(fill_queue(msg, 3) == EC_SUCCESS);
TEST_ASSERT(fill_queue(msg, MAX_CEC_MSG_LEN) == EC_SUCCESS);
return EC_SUCCESS;
}
void run_test(int argc, char **argv)
{
queue = &overflow_queue.queue;
RUN_TEST(test_msg_overflow);
RUN_TEST(test_queue_overflow);
test_print_result();
}
|