[njs] QuickJS: disabling eval() and string normalize.
noreply at nginx.com
noreply at nginx.com
Tue Jul 2 02:36:02 UTC 2024
details: https://github.com/nginx/njs/commit/c773ebcaad703e704220d7f8f9fc40c78f50d779
branches: master
commit: c773ebcaad703e704220d7f8f9fc40c78f50d779
user: Dmitry Volyntsev <xeioex at nginx.com>
date: Fri, 21 Jun 2024 00:06:46 -0700
description:
QuickJS: disabling eval() and string normalize.
---
external/njs_shell.c | 2 +-
src/qjs.c | 18 ++++++++++++++++--
src/qjs.h | 2 +-
3 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/external/njs_shell.c b/external/njs_shell.c
index e00f2529..672215c1 100644
--- a/external/njs_shell.c
+++ b/external/njs_shell.c
@@ -2811,7 +2811,7 @@ njs_engine_qjs_init(njs_engine_t *engine, njs_opts_t *opts)
return NJS_ERROR;
}
- engine->u.qjs.ctx = qjs_new_context(engine->u.qjs.rt);
+ engine->u.qjs.ctx = qjs_new_context(engine->u.qjs.rt, 1);
if (engine->u.qjs.ctx == NULL) {
njs_stderror("JS_NewContext() failed\n");
return NJS_ERROR;
diff --git a/src/qjs.c b/src/qjs.c
index 83b43ad7..0a31b748 100644
--- a/src/qjs.c
+++ b/src/qjs.c
@@ -8,16 +8,30 @@
JSContext *
-qjs_new_context(JSRuntime *rt)
+qjs_new_context(JSRuntime *rt, _Bool eval)
{
JSContext *ctx;
qjs_module_t **module;
- ctx = JS_NewContext(rt);
+ ctx = JS_NewContextRaw(rt);
if (ctx == NULL) {
return NULL;
}
+ JS_AddIntrinsicBaseObjects(ctx);
+ JS_AddIntrinsicDate(ctx);
+ JS_AddIntrinsicRegExp(ctx);
+ JS_AddIntrinsicJSON(ctx);
+ JS_AddIntrinsicProxy(ctx);
+ JS_AddIntrinsicMapSet(ctx);
+ JS_AddIntrinsicTypedArrays(ctx);
+ JS_AddIntrinsicPromise(ctx);
+ JS_AddIntrinsicBigInt(ctx);
+
+ if (eval) {
+ JS_AddIntrinsicEval(ctx);
+ }
+
for (module = qjs_modules; *module != NULL; module++) {
if ((*module)->init(ctx, (*module)->name) == NULL) {
return NULL;
diff --git a/src/qjs.h b/src/qjs.h
index 2307d4d9..71e23d78 100644
--- a/src/qjs.h
+++ b/src/qjs.h
@@ -39,7 +39,7 @@ typedef struct {
} qjs_module_t;
-JSContext *qjs_new_context(JSRuntime *rt);
+JSContext *qjs_new_context(JSRuntime *rt, _Bool eval);
JSValue qjs_buffer_alloc(JSContext *ctx, size_t size);
More information about the nginx-devel
mailing list