is msg_hasFormat() reading past end of fmt?

[giuliomoro]

https://github.com/Wasted-Audio/hvcc/blob/develop/hvcc/generators/ir2c/static/HvMessage.c#L97-L110

bool msg_hasFormat(const HvMessage *m, const char *fmt) {
  hv_assert(fmt != NULL);
  const int n = msg_getNumElements(m);
  for (int i = 0; i < n; ++i) {
    switch (fmt[i]) {
      case 'b': if (!msg_isBang(m, i)) return false; break;
      case 'f': if (!msg_isFloat(m, i)) return false; break;
      case 'h': if (!msg_isHash(m, i)) return false; break;
      case 's': if (!msg_isSymbol(m, i)) return false; break;
      default: return false;
    }
  }
  return (fmt[n] == '\0');
}

It looks like this may well be trying to access fmt beyond its end if the message has more elements than the length of fmt. This may be expected/desired (because of speed potential), but it should be documented that if you are unsure a priori about the message length, then it's your task to ensure strlen(fmt) is hv_msg_getNumElements().

As an additional note, it could be useful to add a method to get the message format (or is there one already?), so that one doesn't have to "guess" what the full current format is (sure one can use hv_msg_is{Float,Bang,Symbol,Hash} to obtain that, but it feels a bit cumbersome).

[dromer]

I've looked at the code and thought about this some more and I think it's quite unlikely that a message would go over format length. And then the implementation (likely inside of a generator/wrapper) would be broken/malformed anyway and it should fail.

However perhaps an assertion of hv_assert(hv_strlen(fmt) == n) would be good enough here?

Btw there is msg_getType() which returns the type of the message (as ElementType typedef)