Skip to content

Disabling static strings during StringBuffer conversion#296

Merged
leeN merged 2 commits into
SAP:mainfrom
tmbrbr:static-string-disable
May 27, 2025
Merged

Disabling static strings during StringBuffer conversion#296
leeN merged 2 commits into
SAP:mainfrom
tmbrbr:static-string-disable

Conversation

@tmbrbr

@tmbrbr tmbrbr commented May 27, 2025

Copy link
Copy Markdown
Contributor

This patch disables static string creation during StringBuffer to JSString conversions, in order to ensure taint information does not get lost. As such this fixes #290.

Also adding more tests which reproduce this issue to prevent regression.

@tmbrbr tmbrbr marked this pull request as ready for review May 27, 2025 07:49
@tmbrbr tmbrbr requested a review from leeN May 27, 2025 07:49
@tmbrbr tmbrbr self-assigned this May 27, 2025
@leeN

leeN commented May 27, 2025

Copy link
Copy Markdown
Collaborator

Can we meaningfully taint empty strings? TryEmptyOrStaticString says they are super common, so maybe the "cleaner" way would be to change the logic here and only remove the static string lookup for non empty strings? or to move the following check over:

    if (n == 0) {
      return cx->emptyString();
    }

@tmbrbr

tmbrbr commented May 27, 2025

Copy link
Copy Markdown
Contributor Author

Can we meaningfully taint empty strings? TryEmptyOrStaticString says they are super common, so maybe the "cleaner" way would be to change the logic here and only remove the static string lookup for non empty strings? or to move the following check over:

    if (n == 0) {
      return cx->emptyString();
    }

Good idea, I just checked and all of the TryEmptyOrStaticString are now commented out by us! So I think the best strategy is to re-enable them, and disable the static string part centrally in TryEmptyOrStaticString itself.

@tmbrbr

tmbrbr commented May 27, 2025

Copy link
Copy Markdown
Contributor Author

Something like this? ☝️

leeN
leeN approved these changes May 27, 2025
View reviewed changes

@leeN leeN left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@leeN leeN merged commit f093725 into SAP:main May 27, 2025
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leeN leeN leeN approved these changes

Assignees

@tmbrbr tmbrbr

Labels

Incomplete taint propagation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Failing Tests

2 participants

@tmbrbr @leeN