Revert "Foundation: fix missing string terminator"

compnerd · compnerd · commit f66ba9ed364e · 2020-02-17T17:03:53.000-08:00
This reverts commit f3a6f50. It also fixes the underlying issue of the heap corruption. There is no guarantee that the underlying storage for an allocation is done by `malloc`. It is possible that the size may be small enough to be pushed down to a stack allocation, which cannot be released by `free`. Buffers record how they are allocated and adjust the release accordingly. The safe way to release the memory is to use `deallocate`. Although the initial approach fixed the heap corruption, it did so at the single site, but this is a problem with a public interface. Use the `deallocate` method on the buffer when releasing the memory to ensure that the correct mechanism is used for releasing the resources. This is not specific to Windows but to any platform where a stack allocated buffer or an aligned allocation may not be passed to `free`. Thanks to Lily Vulcano for pressing me to investigate this further and root cause the failure in the public interface!
diff --git a/Docs/ReleaseNotes_Swift5.md b/Docs/ReleaseNotes_Swift5.md
@@ -156,3 +156,10 @@ A few notes:
 * The exception-throwing API will be deprecated in a future release. It is now marked as `@available(…, deprecated: 100000, …)`, which matches what you would see if `API_TO_BE_DEPRECATED` was used in a Objective-C header.
 
 * Subclassing `NSFileHandle` is strongly discouraged. Many of the new methods are `public` and cannot be overridden.
+
+## `NSString(bytesNoCopy:length:encoding:freeWhenDone:)` deviations from reference implementation
+
+On Windows, `NSString(bytesNoCopy:length:encoding:freeWhenDone:)` deviates from
+the behaviour on Darwin and uses the buffer's `deallocate` routine rather than
+`free`.  This is done to ensure that small buffers which are stack allocated
+through `alloca` can be properly released.
diff --git a/Sources/Foundation/NSData.swift b/Sources/Foundation/NSData.swift
@@ -599,12 +599,10 @@ open class NSData : NSObject, NSCopying, NSMutableCopying, NSSecureCoding {
 
         let capacity = estimateBase64Size(length: dataLength)
         let ptr = UnsafeMutableRawPointer.allocate(byteCount: capacity, alignment: 1)
-        defer { ptr.deallocate() }
         let buffer = UnsafeMutableRawBufferPointer(start: ptr, count: capacity)
         let length = NSData.base64EncodeBytes(self, options: options, buffer: buffer)
 
-        let utf8buffer = UnsafeBufferPointer<UInt8>(start: ptr.assumingMemoryBound(to: UInt8.self), count: length)
-        return String(decoding: utf8buffer, as: UTF8.self)
+        return String(bytesNoCopy: ptr, length: length, encoding: .ascii, freeWhenDone: true)!
     }
 
     /// Creates a Base64, UTF-8 encoded Data from the data object using the given options.
diff --git a/Sources/Foundation/NSString.swift b/Sources/Foundation/NSString.swift
@@ -1359,7 +1359,7 @@ extension NSString {
         // just copy for now since the internal storage will be a copy anyhow
         self.init(bytes: bytes, length: len, encoding: encoding)
         if freeBuffer { // don't take the hint
-            free(bytes)
+          bytes.deallocate()
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -1359,7 +1359,7 @@ extension NSString {`
`1359`	`1359`	`// just copy for now since the internal storage will be a copy anyhow`
`1360`	`1360`	`self.init(bytes: bytes, length: len, encoding: encoding)`
`1361`	`1361`	`if freeBuffer { // don't take the hint`
`1362`		`- free(bytes)`
	`1362`	`+ bytes.deallocate()`
`1363`	`1363`	`}`
`1364`	`1364`	`}`
`1365`	`1365`