AK+Everywhere: Disallow Error::from_string_view(FooString)
That pattern seems to show up a lot in code written by people that aren't intimately familiar with the lifetime model of Error and Strings. This commit makes the compiler detect it and present a more helpful diagnostic than "garbage string at runtime".
parent
cc35bab143
commit
7e6341587b
7 changed files with 29 additions and 14 deletions
10
AK/Error.h
10
AK/Error.h
|
@ -38,6 +38,16 @@ public:
|
|||
return Error(syscall_name, rc);
|
||||
}
|
||||
[[nodiscard]] static Error from_string_view(StringView string_literal) { return Error(string_literal); }
|
||||
|
||||
template<OneOf<DeprecatedString, DeprecatedFlyString, String, FlyString> T>
|
||||
static Error from_string_view(T)
|
||||
{
|
||||
// `Error::from_string_view(DeprecatedString::formatted(...))` is a somewhat common mistake, which leads to a UAF situation.
|
||||
// If your string outlives this error and _isn't_ a temporary being passed to this function, explicitly call .view() on it to resolve to the StringView overload.
|
||||
static_assert(DependentFalse<T>, "Error::from_string_view(String) is almost always a use-after-free");
|
||||
VERIFY_NOT_REACHED();
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
[[nodiscard]] static Error copy(Error const& error)
|
||||
|
|
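Review bot: The `StringView` overload of `from_string_view` still has no comment stating its lifetime contract, and the new guard only rejects arguments whose deduced type is one of the four owning string classes listed in the `OneOf` constraint. A caller who gets past the static_assert by appending `.view()` to a temporary ends up with the same dangling view and no diagnostic, and any other type that hands out a `StringView` into storage it owns is not covered either. I would state the rule on the accepting overload, e.g. `// The Error appears to keep this view without copying: pass a literal or storage that outlives the Error.`, and repeat the "not a temporary" condition in the static_assert message, since that message is what people read at the failure site. The `#if` that the trailing `#endif` closes starts outside this hunk, so it cannot be checked from here whether other build configurations get the same guard.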