mirror of
https://github.com/nodejs/node.git
synced 2025-05-16 18:57:28 +00:00
2eeb4e1d94
`catch` and `finally` methods on %Promise.prototype% looks up the `then` property of the instance, making it at risk of prototype pollution. PR-URL: https://github.com/nodejs/node/pull/38650 Refs: https://tc39.es/ecma262/#sec-promise.prototype.catch Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
39 lines
1.0 KiB
JavaScript
39 lines
1.0 KiB
JavaScript
// Flags: --expose-internals
|
|
'use strict';
|
|
|
|
const common = require('../common');
|
|
const assert = require('assert');
|
|
|
|
const {
|
|
PromisePrototypeCatch,
|
|
PromisePrototypeThen,
|
|
SafePromisePrototypeFinally,
|
|
} = require('internal/test/binding').primordials;
|
|
|
|
Promise.prototype.catch = common.mustNotCall();
|
|
Promise.prototype.finally = common.mustNotCall();
|
|
Promise.prototype.then = common.mustNotCall();
|
|
|
|
assertIsPromise(PromisePrototypeCatch(Promise.reject(), common.mustCall()));
|
|
assertIsPromise(PromisePrototypeThen(test(), common.mustCall()));
|
|
assertIsPromise(SafePromisePrototypeFinally(test(), common.mustCall()));
|
|
|
|
async function test() {
|
|
const catchFn = common.mustCall();
|
|
const finallyFn = common.mustCall();
|
|
|
|
try {
|
|
await Promise.reject();
|
|
} catch {
|
|
catchFn();
|
|
} finally {
|
|
finallyFn();
|
|
}
|
|
}
|
|
|
|
function assertIsPromise(promise) {
|
|
// Make sure the returned promise is a genuine %Promise% object and not a
|
|
// subclass instance.
|
|
assert.strictEqual(Object.getPrototypeOf(promise), Promise.prototype);
|
|
}
|