-
Notifications
You must be signed in to change notification settings - Fork 145
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: throw an error in case of unknown properties or inherited proper…
…ties in `workerOpts`, `workerThreadOpts` and `forkOpts` to protect against security issues related to prototype pollution
- Loading branch information
Showing
3 changed files
with
117 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
/** | ||
* Validate that the object only contains known option names | ||
* - Throws an error when unknown options are detected | ||
* - Throws an error when some of the allowed options are attached | ||
* @param {Object | undefined} options | ||
* @param {string[]} allowedOptionNames | ||
* @param {string} objectName | ||
* @retrun {Object} Returns the original options | ||
*/ | ||
exports.validateOptions = function validateOptions(options, allowedOptionNames, objectName) { | ||
if (!options) { | ||
return | ||
} | ||
|
||
var optionNames = options ? Object.keys(options) : [] | ||
|
||
// check for unknown properties | ||
var unknownOptionName = optionNames.find(optionName => !allowedOptionNames.includes(optionName)) | ||
if (unknownOptionName) { | ||
throw new Error('Object "' + objectName + '" contains an unknown option "' + unknownOptionName + '"') | ||
} | ||
|
||
// check for inherited properties which are not present on the object itself | ||
var illegalOptionName = allowedOptionNames.find(allowedOptionName => { | ||
return Object.prototype[allowedOptionName] && !optionNames.includes(allowedOptionName) | ||
}) | ||
if (illegalOptionName) { | ||
throw new Error('Object "' + objectName + '" contains an inherited option "' + illegalOptionName + '" which is ' + | ||
'not defined in the object itself but in its prototype. Only plain objects are allowed. ' + | ||
'Please remove the option from the prototype or override it with a value "undefined".') | ||
} | ||
|
||
return options | ||
} | ||
|
||
// source: https://developer.mozilla.org/en-US/docs/Web/API/Worker/Worker | ||
exports.workerOptsNames = [ | ||
'credentials', 'name', 'type' ] | ||
|
||
// source: https://nodejs.org/api/child_process.html#child_processforkmodulepath-args-options | ||
exports.forkOptsNames = [ | ||
'cwd', 'detached', 'env', 'execPath', 'execArgv', 'gid', 'serialization', | ||
'signal', 'killSignal', 'silent', 'stdio', 'uid', 'windowsVerbatimArguments', | ||
'timeout' | ||
] | ||
|
||
// source: https://nodejs.org/api/worker_threads.html#new-workerfilename-options | ||
exports.workerThreadOptsNames = [ | ||
'argv', 'env', 'eval', 'execArgv', 'stdin', 'stdout', 'stderr', 'workerData', | ||
'trackUnmanagedFds', 'transferList', 'resourceLimits', 'name' | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters