
Commit 1f6f3ac

lib: harden kKeyOps lookup with null prototype
Signed-off-by: Filip Skokan <[email protected]> PR-URL: #62877 Reviewed-By: René <[email protected]> Reviewed-By: Jordan Harband <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
1 parent 800f582 commit 1f6f3ac

2 files changed

Lines changed: 11 additions & 0 deletions


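--- a/lib/internal/crypto/util.js
+++ b/lib/internal/crypto/util.js
@@ -764,6 +764,7 @@ function getDigestSizeInBytes(name) {
 }
 
 const kKeyOps = {
+__proto__: null,
 sign: 1,
 verify: 2,
 encrypt: 3,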
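Review bot: The new `__proto__: null,` entry at the top of `kKeyOps` carries no comment saying why it is there, so a later cleanup could drop it as noise and silently undo the hardening. I would put one line above it, for example `// Null prototype: key_ops strings such as 'toString' or 'constructor' must not resolve to inherited Object.prototype members.` The code that indexes `kKeyOps` is outside this hunk, so the exact failure mode is inferred from the test added in the same commit. The object literal also continues past the last visible line.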

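--- a/test/parallel/test-webcrypto-util.js
+++ b/test/parallel/test-webcrypto-util.js
@@ -9,6 +9,7 @@ const assert = require('assert');
 
 const {
 normalizeAlgorithm,
+validateKeyOps,
 } = require('internal/crypto/util');
 
 {
@@ -49,3 +50,12 @@ const {
 assert.strictEqual(normalized.name, 'ECDSA');
 assert.strictEqual(nameReadCount, 1);
 }
+
+{
+for (const ops of [
+['sign', 'toString', 'constructor'],
+['sign', '__proto__', 'constructor'],
+]) {
+validateKeyOps(ops);
+}
+}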
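Review bot: The block added at the end of the file only calls `validateKeyOps(ops)` and asserts nothing, so it passes on any non-throwing outcome and does not say what regression it guards. A one-line comment above the loop, such as `// Names inherited from Object.prototype must be treated as unknown key ops and must not throw.`, would make the intent readable without the commit message. If the function has a defined return value for these inputs, pinning it with `assert.strictEqual` would make the check stronger. `validateKeyOps` is defined outside this page, so its return contract needs to be confirmed there.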
