Skip to content

assert: add __proto__ null #48661

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

assert: add __proto__ null #48661

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
32a2a9a
assert: add __proto__ null
rluvaton Jul 5, 2023
99dedf0
assert: dont add __proto__: null for call result
rluvaton Jul 5, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 26 additions & 7 deletions lib/assert.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ let warned = false;

const assert = module.exports = ok;

const NO_EXCEPTION_SENTINEL = {};
const NO_EXCEPTION_SENTINEL = { __proto__: null };

// All of the following functions must throw an AssertionError
// when a corresponding condition is not met, with a message that
Expand Down Expand Up @@ -159,6 +159,7 @@ function fail(actual, expected, message, operator, stackStartFn) {
if (message instanceof Error) throw message;

const errArgs = {
__proto__: null,
actual,
expected,
operator: operator === undefined ? 'fail' : operator,
Expand Down Expand Up @@ -253,15 +254,15 @@ function parseCode(code, offset) {
let node;
let start;
// Parse the read code until the correct expression is found.
for (const token of tokenizer(code, { ecmaVersion: 'latest' })) {
for (const token of tokenizer(code, { __proto__: null, ecmaVersion: 'latest' })) {
start = token.start;
if (start > offset) {
// No matching expression found. This could happen if the assert
// expression is bigger than the provided buffer.
break;
}
try {
node = parseExpressionAt(code, start, { ecmaVersion: 'latest' });
node = parseExpressionAt(code, start, { __proto__: null, ecmaVersion: 'latest' });
// Find the CallExpression in the tree.
node = findNodeAround(node, offset, 'CallExpression');
if (node?.node.end >= offset) {
Expand Down Expand Up @@ -289,7 +290,7 @@ function getErrMessage(message, fn) {
if (errorStackTraceLimitIsWritable) Error.stackTraceLimit = 1;
// We only need the stack trace. To minimize the overhead use an object
// instead of an error.
const err = {};
const err = { __proto__: null };
ErrorCaptureStackTrace(err, fn);
if (errorStackTraceLimitIsWritable) Error.stackTraceLimit = tmpLimit;

Expand Down Expand Up @@ -389,6 +390,7 @@ function innerOk(fn, argLen, value, message) {
}

const err = new AssertionError({
__proto__: null,
actual: value,
expected: true,
message,
Expand Down Expand Up @@ -426,6 +428,7 @@ assert.equal = function equal(actual, expected, message) {
// eslint-disable-next-line eqeqeq
if (actual != expected && (!NumberIsNaN(actual) || !NumberIsNaN(expected))) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -450,6 +453,7 @@ assert.notEqual = function notEqual(actual, expected, message) {
// eslint-disable-next-line eqeqeq
if (actual == expected || (NumberIsNaN(actual) && NumberIsNaN(expected))) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -473,6 +477,7 @@ assert.deepEqual = function deepEqual(actual, expected, message) {
if (isDeepEqual === undefined) lazyLoadComparison();
if (!isDeepEqual(actual, expected)) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -496,6 +501,7 @@ assert.notDeepEqual = function notDeepEqual(actual, expected, message) {
if (isDeepEqual === undefined) lazyLoadComparison();
if (isDeepEqual(actual, expected)) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -521,6 +527,7 @@ assert.deepStrictEqual = function deepStrictEqual(actual, expected, message) {
if (isDeepEqual === undefined) lazyLoadComparison();
if (!isDeepStrictEqual(actual, expected)) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -546,6 +553,7 @@ function notDeepStrictEqual(actual, expected, message) {
if (isDeepEqual === undefined) lazyLoadComparison();
if (isDeepStrictEqual(actual, expected)) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -568,6 +576,7 @@ assert.strictEqual = function strictEqual(actual, expected, message) {
}
if (!ObjectIs(actual, expected)) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand All @@ -590,6 +599,7 @@ assert.notStrictEqual = function notStrictEqual(actual, expected, message) {
}
if (ObjectIs(actual, expected)) {
innerFail({
__proto__: null,
actual,
expected,
message,
Expand Down Expand Up @@ -624,6 +634,7 @@ function compareExceptionKey(actual, expected, key, message, keys, fn) {
const b = new Comparison(expected, keys, actual);

const err = new AssertionError({
__proto__: null,
actual: a,
expected: b,
operator: 'deepStrictEqual',
Expand All @@ -635,6 +646,7 @@ function compareExceptionKey(actual, expected, key, message, keys, fn) {
throw err;
}
innerFail({
__proto__: null,
actual,
expected,
message,
Expand Down Expand Up @@ -664,6 +676,7 @@ function expectedException(actual, expected, message, fn) {
// Handle primitives properly.
} else if (typeof actual !== 'object' || actual === null) {
const err = new AssertionError({
__proto__: null,
actual,
expected,
message,
Expand Down Expand Up @@ -715,13 +728,13 @@ function expectedException(actual, expected, message, fn) {
message += `\n\nError message:\n\n${actual.message}`;
}
} else {
message += `"${inspect(actual, { depth: -1 })}"`;
message += `"${inspect(actual, { __proto__: null, depth: -1 })}"`;
}
}
throwError = true;
} else {
// Check validation functions return value.
const res = ReflectApply(expected, {}, [actual]);
const res = ReflectApply(expected, { __proto__: null }, [actual]);
if (res !== true) {
if (!message) {
generatedMessage = true;
Expand All @@ -739,6 +752,7 @@ function expectedException(actual, expected, message, fn) {

if (throwError) {
const err = new AssertionError({
__proto__: null,
actual,
expected,
message,
Expand Down Expand Up @@ -833,6 +847,7 @@ function expectsError(stackStartFn, actual, error, message) {
details += message ? `: ${message}` : '.';
const fnType = stackStartFn === assert.rejects ? 'rejection' : 'exception';
innerFail({
__proto__: null,
actual: undefined,
expected: error,
operator: stackStartFn.name,
Expand Down Expand Up @@ -864,7 +879,7 @@ function hasMatchingError(actual, expected) {
if (ObjectPrototypeIsPrototypeOf(Error, expected)) {
return false;
}
return ReflectApply(expected, {}, [actual]) === true;
return ReflectApply(expected, { __proto__: null }, [actual]) === true;
}

function expectsNoError(stackStartFn, actual, error, message) {
Expand All @@ -881,6 +896,7 @@ function expectsNoError(stackStartFn, actual, error, message) {
const fnType = stackStartFn === assert.doesNotReject ?
'rejection' : 'exception';
innerFail({
__proto__: null,
actual,
expected: error,
operator: stackStartFn.name,
Expand Down Expand Up @@ -951,6 +967,7 @@ assert.ifError = function ifError(err) {
}

const newErr = new AssertionError({
__proto__: null,
actual: err,
expected: null,
operator: 'ifError',
Expand Down Expand Up @@ -1016,6 +1033,7 @@ function internalMatch(string, regexp, message, fn) {
'The input was expected to not match the regular expression ') +
`${inspect(regexp)}. Input:\n\n${inspect(string)}\n`);
const err = new AssertionError({
__proto__: null,
actual: string,
expected: regexp,
message,
Expand Down Expand Up @@ -1061,6 +1079,7 @@ function strict(...args) {
}

assert.strict = ObjectAssign(strict, assert, {
__proto__: null,
equal: assert.strictEqual,
deepEqual: assert.deepStrictEqual,
notEqual: assert.notStrictEqual,
Expand Down
3 changes: 3 additions & 0 deletions lib/internal/assert/assertion_error.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ const { isErrorStackTraceLimitWritable } = require('internal/errors');


const kReadableOperator = {
__proto__: null,
deepStrictEqual: 'Expected values to be strictly deep-equal:',
strictEqual: 'Expected values to be strictly equal:',
strictEqualObject: 'Expected "actual" to be reference-equal to "expected":',
Expand Down Expand Up @@ -61,6 +62,7 @@ function inspectValue(val) {
return inspect(
val,
{
__proto__: null,
compact: false,
customInspect: false,
depth: 1000,
Expand Down Expand Up @@ -476,6 +478,7 @@ class AssertionError extends Error {
// to the actual error message which contains a combined view of these two
// input values.
const result = inspect(this, {
__proto__: null,
...ctx,
customInspect: false,
depth: 0,
Expand Down
3 changes: 3 additions & 0 deletions lib/internal/assert/calltracker.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@ class CallTrackerContext {
`executed ${this.#expected} time(s) but was ` +
`executed ${this.#calls.length} time(s).`;
return {
__proto__: null,
message,
actual: this.#calls.length,
expected: this.#expected,
Expand Down Expand Up @@ -107,6 +108,7 @@ class CallTracker {
validateUint32(expected, 'expected', true);

const context = new CallTrackerContext({
__proto__: null,
expected,
// eslint-disable-next-line no-restricted-syntax
stackTrace: new Error(),
Expand Down Expand Up @@ -144,6 +146,7 @@ class CallTracker {
errors[0].message :
'Functions were not called the expected number of times';
throw new AssertionError({
__proto__: null,
message,
details: errors,
});
Expand Down