add a number of additional (debug) asserts to spot invalid states earlier

Author: folkertdev

Diff for: zlib-rs/src/deflate.rs

@@ -259,6 +259,7 @@ pub fn init(stream: &mut z_stream, config: DeflateConfig) -> ReturnCode {
     };
 
     let w_size = 1 << window_bits;
+    assert!(w_size >= MIN_LOOKAHEAD);
     let window = Window::new_in(&alloc, window_bits);
 
     let prev = alloc.allocate_slice_raw::<u16>(w_size);
@@ -1149,7 +1150,14 @@ impl<'a> BitWriter<'a> {
 
             match u16::from_le_bytes([dist_low, dist_high]) {
                 0 => self.emit_lit(ltree, lc) as usize,
-                dist => self.emit_dist(ltree, dtree, lc, dist),
+                dist => {
+                    assert!(
+                        (dist >> 7) < 256,
+                        "invalid dist value {dist} from bytes {:?}",
+                        [dist_low, dist_high, lc]
+                    );
+                    self.emit_dist(ltree, dtree, lc, dist)
+                }
             };
         }
 

Diff for: zlib-rs/src/read_buf.rs

@@ -53,13 +53,18 @@ impl<'a> ReadBuf<'a> {
     #[inline(always)]
     pub fn push_lit(&mut self, byte: u8) {
         // NOTE: we rely on the buffer being zeroed here!
+        assert_eq!(&self.buf.as_slice()[self.filled..][..3], &[0, 0, 0]);
+
         self.buf.as_mut_slice()[self.filled + 2] = byte;
 
         self.filled += 3;
     }
 
     #[inline(always)]
     pub fn push_dist(&mut self, dist: u16, len: u8) {
+        // we expect the buffer to be zeroed (though it does not matter for correctness)
+        debug_assert_eq!(&self.buf.as_slice()[self.filled..][..3], &[0, 0, 0]);
+
         let buf = &mut self.buf.as_mut_slice()[self.filled..][..3];
         let [dist1, dist2] = dist.to_le_bytes();