[njs] QuickJS: disabling eval() and Function() in qjs_new_context().
noreply at nginx.com
noreply at nginx.com
Wed Sep 4 00:59:02 UTC 2024
details: https://github.com/nginx/njs/commit/8e02600da88bd70a2a4aff88e9bb38fbd849f9f3
branches: master
commit: 8e02600da88bd70a2a4aff88e9bb38fbd849f9f3
user: Dmitry Volyntsev <xeioex at nginx.com>
date: Wed, 24 Jul 2024 16:30:10 -0700
description:
QuickJS: disabling eval() and Function() in qjs_new_context().
This properly disables eval() after previous attempt in c773ebcaad
(0.8.5). In QuickJS buint-in C level eval API, which is used by njs, is
linked to eval() in JS code. To disable only the JS function
manual modification of global object is required.
---
external/njs_shell.c | 2 +-
src/qjs.c | 31 ++++++++++++++++++++++++++-----
src/qjs.h | 2 +-
3 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/external/njs_shell.c b/external/njs_shell.c
index 80693634..30d4d8c6 100644
--- a/external/njs_shell.c
+++ b/external/njs_shell.c
@@ -2731,7 +2731,7 @@ njs_engine_qjs_init(njs_engine_t *engine, njs_opts_t *opts)
return NJS_ERROR;
}
- engine->u.qjs.ctx = qjs_new_context(engine->u.qjs.rt, NULL, 1);
+ engine->u.qjs.ctx = qjs_new_context(engine->u.qjs.rt, NULL);
if (engine->u.qjs.ctx == NULL) {
njs_stderror("JS_NewContext() failed\n");
return NJS_ERROR;
diff --git a/src/qjs.c b/src/qjs.c
index 71aeab64..e7653569 100644
--- a/src/qjs.c
+++ b/src/qjs.c
@@ -17,8 +17,10 @@ static const JSCFunctionListEntry qjs_global_proto[] = {
JSContext *
-qjs_new_context(JSRuntime *rt, qjs_module_t **addons, _Bool eval)
+qjs_new_context(JSRuntime *rt, qjs_module_t **addons)
{
+ int ret;
+ JSAtom prop;
JSValue global_obj;
JSContext *ctx;
qjs_module_t **module;
@@ -37,10 +39,7 @@ qjs_new_context(JSRuntime *rt, qjs_module_t **addons, _Bool eval)
JS_AddIntrinsicTypedArrays(ctx);
JS_AddIntrinsicPromise(ctx);
JS_AddIntrinsicBigInt(ctx);
-
- if (eval) {
- JS_AddIntrinsicEval(ctx);
- }
+ JS_AddIntrinsicEval(ctx);
for (module = qjs_modules; *module != NULL; module++) {
if ((*module)->init(ctx, (*module)->name) == NULL) {
@@ -61,6 +60,28 @@ qjs_new_context(JSRuntime *rt, qjs_module_t **addons, _Bool eval)
JS_SetPropertyFunctionList(ctx, global_obj, qjs_global_proto,
njs_nitems(qjs_global_proto));
+ prop = JS_NewAtom(ctx, "eval");
+ if (prop == JS_ATOM_NULL) {
+ return NULL;
+ }
+
+ ret = JS_DeleteProperty(ctx, global_obj, prop, 0);
+ JS_FreeAtom(ctx, prop);
+ if (ret < 0) {
+ return NULL;
+ }
+
+ prop = JS_NewAtom(ctx, "Function");
+ if (prop == JS_ATOM_NULL) {
+ return NULL;
+ }
+
+ ret = JS_DeleteProperty(ctx, global_obj, prop, 0);
+ JS_FreeAtom(ctx, prop);
+ if (ret < 0) {
+ return NULL;
+ }
+
JS_FreeValue(ctx, global_obj);
return ctx;
diff --git a/src/qjs.h b/src/qjs.h
index 516fea96..dff5919b 100644
--- a/src/qjs.h
+++ b/src/qjs.h
@@ -41,7 +41,7 @@ typedef struct {
} qjs_module_t;
-JSContext *qjs_new_context(JSRuntime *rt, qjs_module_t **addons, _Bool eval);
+JSContext *qjs_new_context(JSRuntime *rt, qjs_module_t **addons);
JSValue qjs_buffer_alloc(JSContext *ctx, size_t size);
More information about the nginx-devel
mailing list