RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-28 02:47:34 +00:00
Code Issues Activity Actions

AK: Replace the mutable String::replace API with an immutable version

Browse source 
This removes the awkward String::replace API which was the only String
API which mutated the String and replaces it with a new immutable
version that returns a new String with the replacements applied. This
also fixes a couple of UAFs that were caused by the use of this API.

As an optimization an equivalent StringView::replace API was also added
to remove an unnecessary String allocations in the format of:
`String { view }.replace(...);`
This commit is contained in:
Idan Horowitz 2021-09-11 02:15:44 +03:00
parent aba4c9579f
commit 6704961c82
26 changed files with 72 additions and 118 deletions
Download patch file Download diff file Expand all files Collapse all files

13
Userland/Libraries/LibC/netdb.cpp
View file

@ -425,9 +425,7 @@ void endservent()
static bool fill_getserv_buffers(const char* line, ssize_t read)
{
// Splitting the line by tab delimiter and filling the servent buffers name, port, and protocol members.
String string_line = String(line, read);
string_line.replace(" ", "\t", true);
auto split_line = string_line.split('\t');
auto split_line = StringView(line, read).replace(" ", "\t", true).split('\t');
// This indicates an incorrect file format.
// Services file entries should always at least contain
@ -450,11 +448,7 @@ static bool fill_getserv_buffers(const char* line, ssize_t read)
__getserv_port_buffer = number.value();
// Remove any annoying whitespace at the end of the protocol.
port_protocol_split[1].replace(" ", "", true);
port_protocol_split[1].replace("\t", "", true);
port_protocol_split[1].replace("\n", "", true);
__getserv_protocol_buffer = port_protocol_split[1];
__getserv_protocol_buffer = port_protocol_split[1].replace(" ", "", true).replace("\t", "", true).replace("\n", "", true);
__getserv_alias_list_buffer.clear();
// If there are aliases for the service, we will fill the alias list buffer.
@ -610,8 +604,7 @@ void endprotoent()
static bool fill_getproto_buffers(const char* line, ssize_t read)
{
String string_line = String(line, read);
string_line.replace(" ", "\t", true);
auto split_line = string_line.split('\t');
auto split_line = string_line.replace(" ", "\t", true).split('\t');
// This indicates an incorrect file format. Protocols file entries should
// always have at least a name and a protocol.

4
Userland/Libraries/LibC/termcap.cpp
View file

@ -114,9 +114,7 @@ int tgetnum(const char* id)
static Vector<char> s_tgoto_buffer;
char* tgoto([[maybe_unused]] const char* cap, [[maybe_unused]] int col, [[maybe_unused]] int row)
{
auto cap_str = String(cap);
cap_str.replace("%p1%d", String::number(col));
cap_str.replace("%p2%d", String::number(row));
auto cap_str = StringView(cap).replace("%p1%d", String::number(col)).replace("%p2%d", String::number(row));
s_tgoto_buffer.clear_with_capacity();
s_tgoto_buffer.ensure_capacity(cap_str.length());

4
Userland/Libraries/LibIMAP/Objects.cpp
View file

@ -128,9 +128,7 @@ String serialize_astring(StringView string)
// Try to quote
auto can_be_quoted = !(string.contains('\n') || string.contains('\r'));
if (can_be_quoted) {
auto escaped_str = string.to_string();
escaped_str.replace("\\", "\\\\");
escaped_str.replace("\"", "\\\"");
auto escaped_str = string.replace("\\", "\\\\").replace("\"", "\\\"");
return String::formatted("\"{}\"", escaped_str);
}

6
Userland/Libraries/LibJS/Parser.h
View file

@ -117,11 +117,7 @@ public:
return {};
// We need to modify the source to match what the lexer considers one line - normalizing
// line terminators to \n is easier than splitting using all different LT characters.
String source_string { source };
source_string.replace("\r\n", "\n");
source_string.replace("\r", "\n");
source_string.replace(LINE_SEPARATOR_STRING, "\n");
source_string.replace(PARAGRAPH_SEPARATOR_STRING, "\n");
String source_string = source.replace("\r\n", "\n").replace("\r", "\n").replace(LINE_SEPARATOR_STRING, "\n").replace(PARAGRAPH_SEPARATOR_STRING, "\n");
StringBuilder builder;
builder.append(source_string.split_view('\n', true)[position.value().line - 1]);
builder.append('\n');

7
Userland/Libraries/LibJS/Runtime/RegExpPrototype.cpp
View file

@ -84,12 +84,7 @@ static String escape_regexp_pattern(const RegExpObject& regexp_object)
if (pattern.is_empty())
return "(?:)";
// FIXME: Check u flag and escape accordingly
pattern.replace("\n", "\\n", true);
pattern.replace("\r", "\\r", true);
pattern.replace(LINE_SEPARATOR_STRING, "\\u2028", true);
pattern.replace(PARAGRAPH_SEPARATOR_STRING, "\\u2029", true);
pattern.replace("/", "\\/", true);
return pattern;
return pattern.replace("\n", "\\n", true).replace("\r", "\\r", true).replace(LINE_SEPARATOR_STRING, "\\u2028", true).replace(PARAGRAPH_SEPARATOR_STRING, "\\u2029", true).replace("/", "\\/", true);
}
// 22.2.5.2.3 AdvanceStringIndex ( S, index, unicode ), https://tc39.es/ecma262/#sec-advancestringindex

3
Userland/Libraries/LibJS/Runtime/StringPrototype.cpp
View file

@ -1141,11 +1141,10 @@ static Value create_html(GlobalObject& global_object, Value string, const String
auto value_string = value.to_string(global_object);
if (vm.exception())
return {};
value_string.replace("\"", "&quot;", true);
builder.append(' ');
builder.append(attribute);
builder.append("=\"");
builder.append(value_string);
builder.append(value_string.replace("\"", "&quot;", true));
builder.append('"');
}
builder.append('>');

5
Userland/Libraries/LibJS/Token.cpp
View file

@ -207,10 +207,7 @@ String Token::string_value(StringValueStatus& status) const
// 12.8.6.2 Static Semantics: TRV, https://tc39.es/ecma262/multipage/ecmascript-language-lexical-grammar.html#sec-static-semantics-trv
String Token::raw_template_value() const
{
String base = value().to_string();
base.replace("\r\n", "\n", true);
base.replace("\r", "\n", true);
return base;
return value().replace("\r\n", "\n", true).replace("\r", "\n", true);
}
bool Token::bool_value() const