Fix prototype pollution vulnerability
aearly committed Oct 28, 2021
1 parent fc9ba65 commit e1ecdbf
Showing 2 changed files with 14 additions and 0 deletions.
3 changes: 3 additions & 0 deletions lib/internal/iterator.js
@@ -26,6 +26,9 @@ function createObjectIterator(obj) {
var len = okeys.length;
return function next() {
var key = okeys[++i];
if (key === '__proto__') {
return next();
}
return i < len ? {value: obj[key], key} : null;
};
}
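Review bot: The `__proto__` guard in `next()` carries no comment, and it silently changes what every consumer of createObjectIterator sees, not only mapValues: an own `__proto__` key, which `JSON.parse` can produce, is now dropped from iteration. I would add above the check `// Skip an own '__proto__' key so callers that assign iterated keys onto a plain object cannot replace that object's prototype.` The code that writes the results is outside this hunk, so presumably that assignment is the actual sink; hardening it there as well would protect any path that does not go through this iterator. createObjectIterator starts above the hunk, so the `okeys` construction is not visible here.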
11 changes: 11 additions & 0 deletions test/mapValues.js
@@ -60,6 +60,17 @@ describe('mapValues', () => {
done();
}, 50);
});

it('prototype pollution', (done) => {
var input = JSON.parse('{"a": 1, "b": 2, "__proto__": { "exploit": true }}');

async.mapValues(input, (val, key, next) => {
next(null, val)
}, (err, result) => {
expect(result.exploit).to.equal(undefined)
done(err);
})
})
});

context('mapValues', () => {
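Review bot: The new 'prototype pollution' test asserts only that `result.exploit` is undefined, so it would still pass if the iterator stopped early or dropped `a` and `b`. Because `"__proto__"` is the last key in the JSON input, the path where iteration continues after the skipped key is never exercised. I would move `"__proto__"` between `"a"` and `"b"` and add `expect(result).to.eql({a: 1, b: 2});` together with `expect({}.exploit).to.equal(undefined);` to confirm that Object.prototype stays clean. The assertions also run before `err` is checked, so a failure in mapValues would show up as a TypeError on `result` rather than as the real error. The enclosing describe block starts outside the hunk.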
