author | Ben Noordhuis <info@bnoordhuis.nl> | 2017-12-18 15:43:53 +0300 |
---|---|---|
committer | Anatoli Papirovski <apapirovski@mac.com> | 2017-12-26 20:37:19 +0300 |
commit | ad02e0d2415681de7a42c5e841ce737d7ab9d7b3 (patch) | |
tree | 934dacfe72db6b7b529cfeb08b01d50c84535be5 /src/timer_wrap.cc | |
parent | 15d880bcb62c628f1e7c3cc7baf659a63b312c7c (diff) |
timers: make setImmediate() immune to tampering
Make setImmediate() immune to `process` global tampering by removing
the dependency on the `process._immediateCallback` property.
PR-URL: https://github.com/nodejs/node/pull/17736
Fixes: https://github.com/nodejs/node/issues/17681
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'src/timer_wrap.cc')
-rw-r--r-- | src/timer_wrap.cc | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/timer_wrap.cc b/src/timer_wrap.cc
index 874c80d8d70..5c3f499d163 100644
--- a/src/timer_wrap.cc
+++ b/src/timer_wrap.cc
@@ -29,7 +29,9 @@ namespace node {
 namespace {
+using v8::Array;
 using v8::Context;
+using v8::Function;
 using v8::FunctionCallbackInfo;
 using v8::FunctionTemplate;
 using v8::HandleScope;
@@ -67,11 +69,32 @@ class TimerWrap : public HandleWrap {
 env->SetProtoMethod(constructor, "stop", Stop);
 target->Set(timerString, constructor->GetFunction());
+
+ target->Set(env->context(),
+ FIXED_ONE_BYTE_STRING(env->isolate(), "setImmediateCallback"),
+ env->NewFunctionTemplate(SetImmediateCallback)
+ ->GetFunction(env->context()).ToLocalChecked()).FromJust();
 }
 size_t self_size() const override { return sizeof(*this); }
 private:
+ static void SetImmediateCallback(const FunctionCallbackInfo<Value>& args) {
+ CHECK(args[0]->IsFunction());
+ auto env = Environment::GetCurrent(args);
+ env->set_immediate_callback_function(args[0].As<Function>());
+ auto activate_cb = [] (const FunctionCallbackInfo<Value>& args) {
+ Environment::GetCurrent(args)->ActivateImmediateCheck();
+ };
+ auto activate_function =
+ env->NewFunctionTemplate(activate_cb)->GetFunction(env->context())
+ .ToLocalChecked();
+ auto result = Array::New(env->isolate(), 2);
+ result->Set(0, activate_function);
+ result->Set(1, env->scheduled_immediate_count().GetJSArray());
+ args.GetReturnValue().Set(result);
+ }
+
 static void New(const FunctionCallbackInfo<Value>& args) {
 // This constructor should not be exposed to public javascript.
 // Therefore we assert that we are not trying to call this as a |
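Review bot: In the second hunk, SetImmediateCallback overwrites the stored callback on every call, so the tamper resistance this commit is after holds only if nothing but the internal timers module can reach the `setImmediateCallback` binding; that is not visible from this file. A once-only guard would make the registration self-protecting, for example `CHECK(env->immediate_callback_function().IsEmpty());` placed before `env->set_immediate_callback_function(...)`. This assumes the getter that normally pairs with that setter exists. Separately, the two `result->Set(index, value)` calls drop their return value while the `target->Set(env->context(), ...)` added earlier in the same hunk ends in `.FromJust()`; for consistency use `result->Set(env->context(), 0, activate_function).FromJust();` and the same form for index 1. SetImmediateCallback lies entirely inside the hunk, but the function containing the `target->Set` registration starts outside it.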