From b2cd254c35b6b1b128beea0eacdb8e814d91e003 Mon Sep 17 00:00:00 2001 From: Kenta Moriuchi Date: Thu, 4 Jan 2024 13:12:38 +0900 Subject: fix: strict type check for cross realms (#21669) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Deno v1.39 introduces `vm.runInNewContext`. This may cause problems when using `Object.prototype.isPrototypeOf` to check built-in types. ```js import vm from "node:vm"; const err = new Error(); const crossErr = vm.runInNewContext(`new Error()`); console.assert( !(crossErr instanceof Error) ); console.assert( Object.getPrototypeOf(err) !== Object.getPrototypeOf(crossErr) ); ``` This PR changes to check using internal slots solves them. --- current: ``` > import vm from "node:vm"; undefined > vm.runInNewContext(`new Error("message")`) Error {} > vm.runInNewContext(`new Date("2018-12-10T02:26:59.002Z")`) Date {} ``` this PR: ``` > import vm from "node:vm"; undefined > vm.runInNewContext(`new Error("message")`) Error: message at :1:1 > vm.runInNewContext(`new Date("2018-12-10T02:26:59.002Z")`) 2018-12-10T02:26:59.002Z ``` --------- Co-authored-by: Bartek IwaƄczuk --- ext/crypto/00_crypto.js | 59 +++++++++++++++++++++---------------------------- 1 file changed, 25 insertions(+), 34 deletions(-) (limited to 'ext/crypto/00_crypto.js') diff --git a/ext/crypto/00_crypto.js b/ext/crypto/00_crypto.js index 5e207e629..06dd0f41a 100644 --- a/ext/crypto/00_crypto.js +++ b/ext/crypto/00_crypto.js @@ -20,10 +20,9 @@ const { import * as webidl from "ext:deno_webidl/00_webidl.js"; import { createFilteredInspectProxy } from "ext:deno_console/01_console.js"; -import DOMException from "ext:deno_web/01_dom_exception.js"; +import { DOMException } from "ext:deno_web/01_dom_exception.js"; const { ArrayBufferIsView, - ArrayBufferPrototype, ArrayBufferPrototypeGetByteLength, ArrayBufferPrototypeSlice, ArrayPrototypeEvery, @@ -58,6 +57,11 @@ const { WeakMapPrototypeGet, WeakMapPrototypeSet, } = primordials; +const { + isArrayBuffer, + isTypedArray, + isDataView, +} = core; // P-521 is not yet supported. const supportedNamedCurves = ["P-256", "P-384"]; @@ -280,26 +284,22 @@ function normalizeAlgorithm(algorithm, op) { * @returns {Uint8Array} */ function copyBuffer(input) { - if (ArrayBufferIsView(input)) { - if (TypedArrayPrototypeGetSymbolToStringTag(input) !== undefined) { - // TypedArray - return TypedArrayPrototypeSlice( - new Uint8Array( - TypedArrayPrototypeGetBuffer(/** @type {Uint8Array} */ (input)), - TypedArrayPrototypeGetByteOffset(/** @type {Uint8Array} */ (input)), - TypedArrayPrototypeGetByteLength(/** @type {Uint8Array} */ (input)), - ), - ); - } else { - // DataView - return TypedArrayPrototypeSlice( - new Uint8Array( - DataViewPrototypeGetBuffer(/** @type {DataView} */ (input)), - DataViewPrototypeGetByteOffset(/** @type {DataView} */ (input)), - DataViewPrototypeGetByteLength(/** @type {DataView} */ (input)), - ), - ); - } + if (isTypedArray(input)) { + return TypedArrayPrototypeSlice( + new Uint8Array( + TypedArrayPrototypeGetBuffer(/** @type {Uint8Array} */ (input)), + TypedArrayPrototypeGetByteOffset(/** @type {Uint8Array} */ (input)), + TypedArrayPrototypeGetByteLength(/** @type {Uint8Array} */ (input)), + ), + ); + } else if (isDataView(input)) { + return TypedArrayPrototypeSlice( + new Uint8Array( + DataViewPrototypeGetBuffer(/** @type {DataView} */ (input)), + DataViewPrototypeGetByteOffset(/** @type {DataView} */ (input)), + DataViewPrototypeGetByteLength(/** @type {DataView} */ (input)), + ), + ); } // ArrayBuffer return TypedArrayPrototypeSlice( @@ -944,19 +944,13 @@ class SubtleCrypto { // 2. if (format !== "jwk") { - if ( - ArrayBufferIsView(keyData) || - ObjectPrototypeIsPrototypeOf(ArrayBufferPrototype, keyData) - ) { + if (ArrayBufferIsView(keyData) || isArrayBuffer(keyData)) { keyData = copyBuffer(keyData); } else { throw new TypeError("keyData is a JsonWebKey"); } } else { - if ( - ArrayBufferIsView(keyData) || - ObjectPrototypeIsPrototypeOf(ArrayBufferPrototype, keyData) - ) { + if (ArrayBufferIsView(keyData) || isArrayBuffer(keyData)) { throw new TypeError("keyData is not a JsonWebKey"); } } @@ -4778,10 +4772,7 @@ webidl.converters["BufferSource or JsonWebKey"] = ( opts, ) => { // Union for (BufferSource or JsonWebKey) - if ( - ArrayBufferIsView(V) || - ObjectPrototypeIsPrototypeOf(ArrayBufferPrototype, V) - ) { + if (ArrayBufferIsView(V) || isArrayBuffer(V)) { return webidl.converters.BufferSource(V, prefix, context, opts); } return webidl.converters.JsonWebKey(V, prefix, context, opts); -- cgit v1.2.3