Fix potential trample in trie re-using leaf

Author: baldurk

renderdoc/core/rdcbytetrie.h

@@ -158,6 +158,9 @@ struct rdcbytetrie
 
     void SetPrefix(const Key &k)
     {
+      if(IsLeaf() && k.size > GetPrefixLength())
+        RDCERR("Expanding prefix on leaf - invalid");
+
       // prefix stored immediately after this structure for both node and leaf
       byte *prefix = (byte *)(this + 1);
       // use memmove to account for prefix shrinking in place
@@ -488,11 +491,18 @@ struct rdcbytetrie
         promoted->SetPrefix(leaf->GetPrefix());
         promoted->SetValue(std::move(leaf->GetValue()));
 
-        // re-use the leaf later. Since we just promoted this to a node we know it will have no
-        // children, so below we are going to hit the case of the next byte having no child and we
-        // can put this leaf there.
-        leaf->RemoveValue();
-        leaf->SetPrefix(searchAfter);
+        // re-use the leaf later if it has enough prefix space. Since we just promoted this to a
+        // node we know it will have no children, so below we are going to hit the case of the next
+        // byte having no child and we can put this leaf there.
+        if(leaf->GetPrefixLength() >= searchAfter.size)
+        {
+          leaf->RemoveValue();
+          leaf->SetPrefix(searchAfter);
+        }
+        else
+        {
+          leaf = MakeLeaf(searchAfter);
+        }
 
         root = promoted;
 

renderdoc/replay/basic_types_tests.cpp

@@ -2593,6 +2593,8 @@ TEST_CASE("Test rdcbytetrie type", "[basictypes][rdcbytetrie]")
         {{2, 1, 1}, TrieValue(5)},
         //
         {{2, 1, 6}, TrieValue(6)},
+        //
+        {{2, 1, 6, 9, 9}, TrieValue(7)},
     };
     bytebuf d = {1, 3};