From: Bryan C. Mills <bcmills@google.com>
Date: Tue, 4 Dec 2018 20:42:32 +0000 (-0500)
Subject: [release-branch.go1.11-security] cmd/go/internal/get: use a strings.Replacer in expand
X-Git-Tag: go1.11.3~4
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=d01ccd8ee871d6eaaaed52851c6ce8b49993f33a;p=gostls13.git

[release-branch.go1.11-security] cmd/go/internal/get: use a strings.Replacer in expand

This should be a no-op, but produces deterministic (and more correct)
behavior if we have accidentally failed to sanitize one of the inputs.

Change-Id: I1271d0ffd01a691ec8c84906c4e02d9e2be19c72
Reviewed-on: https://team-review.git.corp.google.com/c/372705
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
---

diff --git a/src/cmd/go/internal/get/vcs.go b/src/cmd/go/internal/get/vcs.go
index 5cd164f2ff..ff4f9d12ef 100644
--- a/src/cmd/go/internal/get/vcs.go
+++ b/src/cmd/go/internal/get/vcs.go
@@ -966,10 +966,14 @@ func matchGoImport(imports []metaImport, importPath string) (metaImport, error)
 
 // expand rewrites s to replace {k} with match[k] for each key k in match.
 func expand(match map[string]string, s string) string {
+	// We want to replace each match exactly once, and the result of expansion
+	// must not depend on the iteration order through the map.
+	// A strings.Replacer has exactly the properties we're looking for.
+	oldNew := make([]string, 0, 2*len(match))
 	for k, v := range match {
-		s = strings.Replace(s, "{"+k+"}", v, -1)
+		oldNew = append(oldNew, "{"+k+"}", v)
 	}
-	return s
+	return strings.NewReplacer(oldNew...).Replace(s)
 }
 
 // vcsPaths defines the meaning of import paths referring to