RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-28 01:37:35 +00:00
Code Issues Activity Actions

LibJS: Fix replaceAll crash for overlapping search string positions

Browse source 
The implementation of String.prototype.replaceAll cannot use AK's
implementation of String::find_all when finding the indices of the
search string in the source string. String::find_all will return indices
[0, 1] for String("aaa").find_all("aa") - i.e. it returns overlapping
results. This is not allowed by the JavaScript specification for
replaceAll.
This commit is contained in:
Timothy Flynn 2021-07-05 21:01:05 -04:00 committed by Linus Groh
parent 30615ac2bb
commit 424c7eaa40
2 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Userland/Libraries/LibJS/Runtime/StringPrototype.cpp
View file

@ -877,9 +877,16 @@ JS_DEFINE_NATIVE_FUNCTION(StringPrototype::replace_all)
if (vm.exception())
return {};
Vector<size_t> match_positions = string.find_all(search_string);
size_t end_of_last_match = 0;
Vector<size_t> match_positions;
size_t advance_by = max(1u, search_string.length());
auto position = string.find(search_string);
while (position.has_value()) {
match_positions.append(*position);
position = string.find(search_string, *position + advance_by);
}
size_t end_of_last_match = 0;
StringBuilder result;
for (auto position : match_positions) {