src: enforce assumptions in FIXED_ONE_BYTE_STRING

These functions are both meant to be used with a null-terminated and
thus non-empty sequence of `char`s. However, there is nothing stopping
call sites from passing zero-length sequences, which would certainly not
be null-terminated and also would cause an underflow in `N - 1`.
Therefore, this commit

- changes the size `N` of the array from `int` to `std::size_t`,
- ensures that compilation will fail if `N = 0`, and
- adds a runtime assertion that fails if the `N`-th `char` is not `\0`.

Note that the runtime assertion should be eliminated by any optimizing
compiler when given a string literal, which is how these functions are
used for the most part (though not exclusively).

PR-URL: #58155
Reviewed-By: Daniel Lemire <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Gerhard Stöbich <[email protected]>

Author: tniessen

src/util.h

@@ -345,17 +345,19 @@ inline v8::Local<v8::String> OneByteString(v8::Isolate* isolate,
                                            std::string_view str);
 
 // Used to be a macro, hence the uppercase name.
-template <int N>
-inline v8::Local<v8::String> FIXED_ONE_BYTE_STRING(
-    v8::Isolate* isolate,
-    const char(&data)[N]) {
+template <std::size_t N>
+  requires(N > 0)
+inline v8::Local<v8::String> FIXED_ONE_BYTE_STRING(v8::Isolate* isolate,
+                                                   const char (&data)[N]) {
+  CHECK_EQ(data[N - 1], '\0');
   return OneByteString(isolate, data, N - 1);
 }
 
 template <std::size_t N>
+  requires(N > 0)
 inline v8::Local<v8::String> FIXED_ONE_BYTE_STRING(
-    v8::Isolate* isolate,
-    const std::array<char, N>& arr) {
+    v8::Isolate* isolate, const std::array<char, N>& arr) {
+  CHECK_EQ(arr[N - 1], '\0');
   return OneByteString(isolate, arr.data(), N - 1);
 }