From b2cd254c35b6b1b128beea0eacdb8e814d91e003 Mon Sep 17 00:00:00 2001 From: Kenta Moriuchi Date: Thu, 4 Jan 2024 13:12:38 +0900 Subject: fix: strict type check for cross realms (#21669) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Deno v1.39 introduces `vm.runInNewContext`. This may cause problems when using `Object.prototype.isPrototypeOf` to check built-in types. ```js import vm from "node:vm"; const err = new Error(); const crossErr = vm.runInNewContext(`new Error()`); console.assert( !(crossErr instanceof Error) ); console.assert( Object.getPrototypeOf(err) !== Object.getPrototypeOf(crossErr) ); ``` This PR changes to check using internal slots solves them. --- current: ``` > import vm from "node:vm"; undefined > vm.runInNewContext(`new Error("message")`) Error {} > vm.runInNewContext(`new Date("2018-12-10T02:26:59.002Z")`) Date {} ``` this PR: ``` > import vm from "node:vm"; undefined > vm.runInNewContext(`new Error("message")`) Error: message at :1:1 > vm.runInNewContext(`new Date("2018-12-10T02:26:59.002Z")`) 2018-12-10T02:26:59.002Z ``` --------- Co-authored-by: Bartek IwaƄczuk --- runtime/js/98_global_scope.js | 2 +- runtime/js/99_main.js | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'runtime') diff --git a/runtime/js/98_global_scope.js b/runtime/js/98_global_scope.js index 0c3bf7ea7..14b11cbde 100644 --- a/runtime/js/98_global_scope.js +++ b/runtime/js/98_global_scope.js @@ -36,7 +36,7 @@ import * as fetch from "ext:deno_fetch/26_fetch.js"; import * as eventSource from "ext:deno_fetch/27_eventsource.js"; import * as messagePort from "ext:deno_web/13_message_port.js"; import * as webidl from "ext:deno_webidl/00_webidl.js"; -import DOMException from "ext:deno_web/01_dom_exception.js"; +import { DOMException } from "ext:deno_web/01_dom_exception.js"; import * as abortSignal from "ext:deno_web/03_abort_signal.js"; import * as globalInterfaces from "ext:deno_web/04_global_interfaces.js"; import * as webStorage from "ext:deno_webstorage/01_webstorage.js"; diff --git a/runtime/js/99_main.js b/runtime/js/99_main.js index 2e1b962e3..625d77f40 100644 --- a/runtime/js/99_main.js +++ b/runtime/js/99_main.js @@ -27,6 +27,9 @@ const { SymbolIterator, TypeError, } = primordials; +const { + isNativeError, +} = core; import * as util from "ext:runtime/06_util.js"; import * as event from "ext:deno_web/02_event.js"; import * as location from "ext:deno_web/12_location.js"; @@ -52,7 +55,7 @@ import { } from "ext:runtime/90_deno_ns.js"; import { errors } from "ext:runtime/01_errors.js"; import * as webidl from "ext:deno_webidl/00_webidl.js"; -import DOMException from "ext:deno_web/01_dom_exception.js"; +import { DOMException } from "ext:deno_web/01_dom_exception.js"; import { mainRuntimeGlobalProperties, memoizeLazy, @@ -235,7 +238,10 @@ const opPpid = memoizeLazy(() => ops.op_ppid()); setNoColorFn(() => ops.op_bootstrap_no_color() || !ops.op_bootstrap_is_tty()); function formatException(error) { - if (ObjectPrototypeIsPrototypeOf(ErrorPrototype, error)) { + if ( + isNativeError(error) || + ObjectPrototypeIsPrototypeOf(ErrorPrototype, error) + ) { return null; } else if (typeof error == "string") { return `Uncaught ${ -- cgit v1.2.3