RegExp.prototype.exec loses flags

When I do the following:
```javascript
foo = String.tainted("fooo")
/o+/g.exec(foo)[0].taint 
```
I get a taint flow like:
```
[
  {
    "begin": 0,
    "end": 3,
    "flow": [
      {
        "operation": "RegExp.prototype.exec",
        "source": false,
        "location": {
          "filename": "debugger eval code",
          "function": "",
          "line": 1,
          "pos": 22,
          "next_line": 1,
          "next_pos": 27,
          "scriptline": 1,
          "scripthash": "92402c89c47bf29bebcb5073059b5e1a"
        },
        "arguments": [
          "o+",
          "ooo",
          "0"
        ]
      },
      {
        "operation": "manual taint source",
        "source": true,
        "location": {
          "filename": "debugger eval code",
          "function": "",
          "line": 1,
          "pos": 14,
          "next_line": 1,
          "next_pos": 29,
          "scriptline": 1,
          "scripthash": "707d3e7d161a0521b25d06181697c47d"
        },
        "arguments": [
          "fooo"
        ]
      }
    ]
  }
]
```
Which loses the global flag.

This makes it impossible to reconstruct the whole regex, sadly. This is due to [EscapeRegexPattern](https://github.com/SAP/project-foxhound/blob/main/js/src/vm/RegExpObject.cpp#L523) not appending flags. We might want to change this to [ToString](https://github.com/SAP/project-foxhound/blob/main/js/src/vm/RegExpObject.cpp#L553)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

RegExp.prototype.exec loses flags #371

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

RegExp.prototype.exec loses flags #371

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions