AK+LibWeb: Make StringBase::bytes() lvalue-only

Disallow calling `StringBase::bytes()` on temporaries to avoid returning `ReadonlyBytes` that outlive the underlying string. With this change, we catch a real UAF: `load_result.data = maybe_response.release_value().bytes();` All other updated call sites were already safe, they just needed to use an intermediate named variable to satisfy the new lvalue-only requirement.
Author: https://github.com/kalenikaliaksandr Commit: 69cede4a0f Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/6932 Reviewed-by: https://github.com/trflynn89 ✅
2025-12-08 06:09:58 +00:00 · 2025-11-25 18:06:48 +01:00 · 2025-11-25 18:06:48 +01:00 · 69cede4a0f · 2025-11-25 18:03:33 +00:00
commit 69cede4a0f
parent d1f34efa64
8 changed files with 31 additions and 16 deletions
--- a/Libraries/LibWeb/Loader/ResourceLoader.cpp
+++ b/Libraries/LibWeb/Loader/ResourceLoader.cpp
@ -326,7 +326,7 @@ void ResourceLoader::handle_resource_load_request(LoadRequest const& request, Re
        }

        FileLoadResult load_result;
-        load_result.data = maybe_response.release_value().bytes();
+        load_result.data = maybe_response.value().bytes();
        load_result.response_headers.set("Content-Type"sv, "text/html"sv);
        on_resource(load_result);
        return;