Remove unsafe string mutation code from repo

[GrabYourPitchforks]

Strings in .NET are immutable, and we want to experiment with runtime features (deduplication, codegen optimizations, etc.) which rely on this fact. To accomplish this we'll need to start moving away from existing code which mutates string instances in-place. Here's a first-pass at all the places in this repo which mutate strings and recommended workarounds for them.

aspnetcore/src/Shared/ServerInfrastructure/StringUtilities.cs

Lines 73 to 94 in 8f56489

	public static unsafe string GetLatin1StringNonNullCharacters(this ReadOnlySpan<byte> span)
	{
	if (span.IsEmpty)
	{
	return string.Empty;
	}
	var resultString = new string('\0', span.Length);
	fixed (char* output = resultString)
	fixed (byte* buffer = span)
	{
	// This returns false if there are any null (0 byte) characters in the string.
	if (!TryGetLatin1String(buffer, output, span.Length))
	{
	// null characters are considered invalid
	throw new InvalidOperationException();
	}
	}
	return resultString;
	}

(Similar code here and here.)

Suggested workaround (pseudocode):

fixed (byte* pBytes = bytes)
{
    return string.Create(bytes.Length, (IntPtr)pBytes, (span, ptr) =>
    {
        fixed (char* pChars = span)
        {
            WidenAndCopy((byte*)ptr, pChars, span.Length);
        }
    });
}

aspnetcore/src/DataProtection/Cryptography.Internal/src/SafeHandles/BCryptAlgorithmHandle.cs

Lines 78 to 84 in 28a0a53

	// Allocate a string object and write directly into it (CLR team approves of this mechanism).
	string retVal = new String((char)0, checked((int)numCharsWithoutNull));
	uint numBytesCopied;
	fixed (char* pRetVal = retVal)
	{
	numBytesCopied = GetProperty(Constants.BCRYPT_ALGORITHM_NAME, pRetVal, byteLengthOfNameWithTerminatingNull);
	}

Suggested workaround: Write to a stackalloced buffer, or rent a char array and write to that, then turn it into a string. Or use string.Create and avoid the intermediate rentals.

[gfoidl]

I'd like to look into this.

[BrennanConroy]

While we're looking into fixing these we should keep #4720 in mind. I.e. Try to remove unsafe.

[gfoidl]

It's on my radar. Thanks.

Thanks for contacting us.
We're moving this issue to the Next sprint planning milestone for future evaluation / consideration. Because it's not immediately obvious that this is a bug in our framework, we would like to keep this around to collect more feedback, which can later help us determine the impact of it. We will re-evaluate this issue, during our next planning meeting(s).
If we later determine, that the issue has no community involvement, or it's very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues.
To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

[BrennanConroy]

Done via #31850