Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Fix nodejs#1707 hasOwnProperty usage
If hasOwnProperty is overridden, then calling `obj.hasOwnProperty(prop)`
can fail.  Any time a dictionary of user-generated items is built, we
cannot rely on hasOwnProperty being safe, so must call it from the
Object.prototype explicitly.
  • Loading branch information
isaacs committed Sep 15, 2011
1 parent b3af074 commit e06ce75
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 7 deletions.
7 changes: 5 additions & 2 deletions lib/module.js
Expand Up @@ -26,7 +26,10 @@ var runInNewContext = Script.runInNewContext;
var assert = require('assert').ok;


function hOP(obj, prop) {
// If obj.hasOwnProperty has been overridden, then calling
// obj.hasOwnProperty(prop) will break.
// See: https://github.com/joyent/node/issues/1707
function hasOwnProperty(obj, prop) {
return Object.prototype.hasOwnProperty.call(obj, prop);
}

Expand Down Expand Up @@ -91,7 +94,7 @@ function statPath(path) {
var packageCache = {};

function readPackage(requestPath) {
if (hOP(packageCache, requestPath)) {
if (hasOwnProperty(packageCache, requestPath)) {
return packageCache[requestPath];
}

Expand Down
7 changes: 5 additions & 2 deletions lib/querystring.js
Expand Up @@ -25,7 +25,10 @@ var QueryString = exports;
var urlDecode = process.binding('http_parser').urlDecode;


function hOP(obj, prop) {
// If obj.hasOwnProperty has been overridden, then calling
// obj.hasOwnProperty(prop) will break.
// See: https://github.com/joyent/node/issues/1707
function hasOwnProperty(obj, prop) {
return Object.prototype.hasOwnProperty.call(obj, prop);
}

Expand Down Expand Up @@ -171,7 +174,7 @@ QueryString.parse = QueryString.decode = function(qs, sep, eq) {
var k = QueryString.unescape(x[0], true);
var v = QueryString.unescape(x.slice(1).join(eq), true);

if (!hOP(obj, k)) {
if (!hasOwnProperty(obj, k)) {
obj[k] = v;
} else if (!Array.isArray(obj[k])) {
obj[k] = [obj[k], v];
Expand Down
8 changes: 5 additions & 3 deletions lib/repl.js
Expand Up @@ -46,8 +46,10 @@ var path = require('path');
var fs = require('fs');
var rl = require('readline');


function hOP(obj, prop) {
// If obj.hasOwnProperty has been overridden, then calling
// obj.hasOwnProperty(prop) will break.
// See: https://github.com/joyent/node/issues/1707
function hasOwnProperty(obj, prop) {
return Object.prototype.hasOwnProperty.call(obj, prop);
}

Expand Down Expand Up @@ -452,7 +454,7 @@ REPLServer.prototype.complete = function(line) {
group.sort();
for (var j = 0; j < group.length; j++) {
c = group[j];
if (!hOP(uniq, c)) {
if (!hasOwnProperty(uniq, c)) {
completions.push(c);
uniq[c] = true;
}
Expand Down
1 change: 1 addition & 0 deletions test/simple/test-querystring.js
Expand Up @@ -49,6 +49,7 @@ var qsTestCases = [
[' foo = bar ', '%20foo%20=%20bar%20', {' foo ': ' bar '}],
['foo=%zx', 'foo=%25zx', {'foo': '%zx'}],
['foo=%EF%BF%BD', 'foo=%EF%BF%BD', {'foo': '\ufffd' }],
// See: https://github.com/joyent/node/issues/1707
[ 'hasOwnProperty=x&toString=foo&valueOf=bar&__defineGetter__=baz',
'hasOwnProperty=x&toString=foo&valueOf=bar&__defineGetter__=baz',
{ hasOwnProperty: 'x',
Expand Down

0 comments on commit e06ce75

Please sign in to comment.