Look up HostObject computed properties on the right object in the prototype chain.
Summary:
The change in the hermes repository fixes the security vulnerability
CVE-2020-1911. This vulnerability only affects applications which
allow evaluation of uncontrolled, untrusted JavaScript code not
shipped with the app, so React Native apps will generally not be affected.
This revision includes a test for the bug. The test is generic JSI
code, so it is included in the hermes and react-native repositories.
Changelog: [Internal]
Reviewed By: tmikov
Differential Revision: D23322992 (0dee0e6036
)
fbshipit-source-id: 4e88c974afe1ad33a263f9cac03e9dc98d33649a
This commit is contained in:
Родитель
1270873ed6
Коммит
525e55f898
|
@ -394,6 +394,23 @@ TEST_P(JSITest, HostObjectTest) {
|
|||
.getBool());
|
||||
}
|
||||
|
||||
TEST_P(JSITest, HostObjectProtoTest) {
|
||||
class ProtoHostObject : public HostObject {
|
||||
Value get(Runtime& rt, const PropNameID&) override {
|
||||
return String::createFromAscii(rt, "phoprop");
|
||||
}
|
||||
};
|
||||
|
||||
rt.global().setProperty(
|
||||
rt,
|
||||
"pho",
|
||||
Object::createFromHostObject(rt, std::make_shared<ProtoHostObject>()));
|
||||
|
||||
EXPECT_EQ(
|
||||
eval("({__proto__: pho})[Symbol.toPrimitive]").getString(rt).utf8(rt),
|
||||
"phoprop");
|
||||
}
|
||||
|
||||
TEST_P(JSITest, ArrayTest) {
|
||||
eval("x = {1:2, '3':4, 5:'six', 'seven':['eight', 'nine']}");
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче