From 55833cf799979e63c6b027fbbf018272308caf5c Mon Sep 17 00:00:00 2001
From: Kenta Moriuchi <moriken@kimamass.com>
Date: Wed, 1 Mar 2023 08:14:16 +0900
Subject: fix(core): introduce `SafeRegExp` to primordials (#17592)

---
 ext/fetch/20_headers.js  |  3 ++-
 ext/fetch/21_formdata.js | 34 +++++++++++++++++++++++-----------
 ext/fetch/23_response.js |  4 ++--
 3 files changed, 27 insertions(+), 14 deletions(-)

(limited to 'ext/fetch')

diff --git a/ext/fetch/20_headers.js b/ext/fetch/20_headers.js
index b8fd8ab83..a432e76f4 100644
--- a/ext/fetch/20_headers.js
+++ b/ext/fetch/20_headers.js
@@ -32,6 +32,7 @@ const {
   ObjectEntries,
   RegExpPrototypeTest,
   SafeArrayIterator,
+  SafeRegExp,
   Symbol,
   SymbolFor,
   SymbolIterator,
@@ -88,7 +89,7 @@ function fillHeaders(headers, object) {
 
 // Regex matching illegal chars in a header value
 // deno-lint-ignore no-control-regex
-const ILLEGAL_VALUE_CHARS = /[\x00\x0A\x0D]/;
+const ILLEGAL_VALUE_CHARS = new SafeRegExp(/[\x00\x0A\x0D]/);
 
 /**
  * https://fetch.spec.whatwg.org/#concept-headers-append
diff --git a/ext/fetch/21_formdata.js b/ext/fetch/21_formdata.js
index 647c716b3..724511633 100644
--- a/ext/fetch/21_formdata.js
+++ b/ext/fetch/21_formdata.js
@@ -26,7 +26,9 @@ const {
   MapPrototypeGet,
   MapPrototypeSet,
   MathRandom,
+  ObjectFreeze,
   ObjectPrototypeIsPrototypeOf,
+  SafeRegExp,
   Symbol,
   StringFromCharCode,
   StringPrototypeTrim,
@@ -277,19 +279,25 @@ webidl.mixinPairIterable("FormData", FormData, entryList, "name", "value");
 webidl.configurePrototype(FormData);
 const FormDataPrototype = FormData.prototype;
 
-const escape = (str, isFilename) => {
-  const escapeMap = {
-    "\n": "%0A",
-    "\r": "%0D",
-    '"': "%22",
-  };
+const ESCAPE_FILENAME_PATTERN = new SafeRegExp(/\r?\n|\r/g);
+const ESCAPE_PATTERN = new SafeRegExp(/([\n\r"])/g);
+const ESCAPE_MAP = ObjectFreeze({
+  "\n": "%0A",
+  "\r": "%0D",
+  '"': "%22",
+});
 
+function escape(str, isFilename) {
   return StringPrototypeReplace(
-    isFilename ? str : StringPrototypeReplace(str, /\r?\n|\r/g, "\r\n"),
-    /([\n\r"])/g,
-    (c) => escapeMap[c],
+    isFilename
+      ? str
+      : StringPrototypeReplace(str, ESCAPE_FILENAME_PATTERN, "\r\n"),
+    ESCAPE_PATTERN,
+    (c) => ESCAPE_MAP[c],
   );
-};
+}
+
+const FORM_DETA_SERIALIZE_PATTERN = new SafeRegExp(/\r(?!\n)|(?<!\r)\n/g);
 
 /**
  * convert FormData to a Blob synchronous without reading all of the files
@@ -313,7 +321,11 @@ function formDataToBlob(formData) {
       ArrayPrototypePush(
         chunks,
         prefix + escape(name) + '"' + CRLF + CRLF +
-          StringPrototypeReplace(value, /\r(?!\n)|(?<!\r)\n/g, CRLF) + CRLF,
+          StringPrototypeReplace(
+            value,
+            FORM_DETA_SERIALIZE_PATTERN,
+            CRLF,
+          ) + CRLF,
       );
     } else {
       ArrayPrototypePush(
diff --git a/ext/fetch/23_response.js b/ext/fetch/23_response.js
index 4b579a306..6e8955167 100644
--- a/ext/fetch/23_response.js
+++ b/ext/fetch/23_response.js
@@ -37,9 +37,9 @@ const {
   ObjectDefineProperties,
   ObjectPrototypeIsPrototypeOf,
   RangeError,
-  RegExp,
   RegExpPrototypeTest,
   SafeArrayIterator,
+  SafeRegExp,
   Symbol,
   SymbolFor,
   TypeError,
@@ -54,7 +54,7 @@ const REASON_PHRASE = [
   ...new SafeArrayIterator(OBS_TEXT),
 ];
 const REASON_PHRASE_MATCHER = regexMatcher(REASON_PHRASE);
-const REASON_PHRASE_RE = new RegExp(`^[${REASON_PHRASE_MATCHER}]*$`);
+const REASON_PHRASE_RE = new SafeRegExp(`^[${REASON_PHRASE_MATCHER}]*$`);
 
 const _response = Symbol("response");
 const _headers = Symbol("headers");
-- 
cgit v1.2.3