1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 14:37:45 +00:00

AK: Replace the mutable String::replace API with an immutable version

This removes the awkward String::replace API which was the only String
API which mutated the String and replaces it with a new immutable
version that returns a new String with the replacements applied. This
also fixes a couple of UAFs that were caused by the use of this API.

As an optimization an equivalent StringView::replace API was also added
to remove an unnecessary String allocations in the format of:
`String { view }.replace(...);`
This commit is contained in:
Idan Horowitz 2021-09-11 02:15:44 +03:00
parent aba4c9579f
commit 6704961c82
26 changed files with 72 additions and 118 deletions

View file

@ -117,11 +117,7 @@ public:
return {};
// We need to modify the source to match what the lexer considers one line - normalizing
// line terminators to \n is easier than splitting using all different LT characters.
String source_string { source };
source_string.replace("\r\n", "\n");
source_string.replace("\r", "\n");
source_string.replace(LINE_SEPARATOR_STRING, "\n");
source_string.replace(PARAGRAPH_SEPARATOR_STRING, "\n");
String source_string = source.replace("\r\n", "\n").replace("\r", "\n").replace(LINE_SEPARATOR_STRING, "\n").replace(PARAGRAPH_SEPARATOR_STRING, "\n");
StringBuilder builder;
builder.append(source_string.split_view('\n', true)[position.value().line - 1]);
builder.append('\n');

View file

@ -84,12 +84,7 @@ static String escape_regexp_pattern(const RegExpObject& regexp_object)
if (pattern.is_empty())
return "(?:)";
// FIXME: Check u flag and escape accordingly
pattern.replace("\n", "\\n", true);
pattern.replace("\r", "\\r", true);
pattern.replace(LINE_SEPARATOR_STRING, "\\u2028", true);
pattern.replace(PARAGRAPH_SEPARATOR_STRING, "\\u2029", true);
pattern.replace("/", "\\/", true);
return pattern;
return pattern.replace("\n", "\\n", true).replace("\r", "\\r", true).replace(LINE_SEPARATOR_STRING, "\\u2028", true).replace(PARAGRAPH_SEPARATOR_STRING, "\\u2029", true).replace("/", "\\/", true);
}
// 22.2.5.2.3 AdvanceStringIndex ( S, index, unicode ), https://tc39.es/ecma262/#sec-advancestringindex

View file

@ -1141,11 +1141,10 @@ static Value create_html(GlobalObject& global_object, Value string, const String
auto value_string = value.to_string(global_object);
if (vm.exception())
return {};
value_string.replace("\"", """, true);
builder.append(' ');
builder.append(attribute);
builder.append("=\"");
builder.append(value_string);
builder.append(value_string.replace("\"", """, true));
builder.append('"');
}
builder.append('>');

View file

@ -207,10 +207,7 @@ String Token::string_value(StringValueStatus& status) const
// 12.8.6.2 Static Semantics: TRV, https://tc39.es/ecma262/multipage/ecmascript-language-lexical-grammar.html#sec-static-semantics-trv
String Token::raw_template_value() const
{
String base = value().to_string();
base.replace("\r\n", "\n", true);
base.replace("\r", "\n", true);
return base;
return value().replace("\r\n", "\n", true).replace("\r", "\n", true);
}
bool Token::bool_value() const