Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(object#set): enforce key types #21

Merged
merged 1 commit into from Jan 17, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
fix(object#set): enforce key types
  • Loading branch information
marstamm committed Jan 17, 2022
commit 5ab05cbc4fd8d5eafb7db540c491ed0906b9d320
8 changes: 8 additions & 0 deletions lib/object.js
Expand Up @@ -35,6 +35,14 @@ export function set(target, path, value) {

forEach(path, function(key, idx) {

if (typeof key !== 'number' && typeof key !== 'string') {
throw new Error('illegal key type: ' + typeof key + '. Key should be of type number or string.');
}

if (key === 'constructor') {
throw new Error('illegal key: constructor');
}

if (key === '__proto__') {
throw new Error('illegal key: __proto__');
}
Expand Down
21 changes: 21 additions & 0 deletions test/object.spec.js
Expand Up @@ -448,6 +448,27 @@ describe('object', function() {
}).to.throw(/illegal key/);
});


it('should not allow prototype polution via constructor', function() {
expect(function() {
set({}, ['constructor', 'prototype', 'polluted'], 'success');
}).to.throw(/illegal key/);
});


it('should not allow array as key', function() {
expect(function() {
set({}, [['__proto__'], 'polluted'], 'success');
}).to.throw(/illegal key type/);
});


it('should not allow object as key', function() {
expect(function() {
set({}, [{}, 'polluted'], 'success');
}).to.throw(/illegal key type/);
});

});


Expand Down