fix(workflow): Fix multiple context leaks in reuseV8Context executor
#1605
Conversation
packages/common/src/type-helpers.ts
Outdated
| if (Object.isFrozen(object)) return object; | ||
|
|
There was a problem hiding this comment.
Can an object be frozen but not deepFrozen? If not, add a comment....
There was a problem hiding this comment.
Not sure what needs to be clarified here. The official typedoc on Object.freeze() already indicates that freezing is shallow, and generally well known to advanced JS devs.
| // DONOTMERGE -- DO NOT REVIEW THIS FILE | ||
|
|
There was a problem hiding this comment.
Is this comment correct? Do you need to remove this file?
| AsyncLocalStorage, | ||
| URL, | ||
| URLSearchParams, | ||
| assert, | ||
| TextEncoder, | ||
| TextDecoder, | ||
| AbortController, |
There was a problem hiding this comment.
Do any of these need to be deep frozen, or we assume they won't be abused...?
There was a problem hiding this comment.
They will get deep frozen at the same time as all other global variables, after loading the script.
That limitation is documented in |
|
I moved |
What was changed
Fix multiple context leaks and bugs in the
reuseV8Contextexecutor:…by reassigning a new object to an existing shared global variable:
globalThis.console = { ...globalThis.console, wfId: workflowInfo().workflowId }(fixes [Bug] Reusable VM allows context leak due to global variable reassignment #1476);…by modifying one of Node's built in global objects:
globalThis.Number.a = workflowInfo().workflowId;…by deleting a previously set global variable:
globalThis.a = 1; await sleep(1) ; delete globalThis.a ; await sleep(1) ; globalThis.a = (globalThis.a || 0) + 1; /* globalThis.a is 2 rather than 1 */…by defining global symbol properties:
const mySymbol = Symbol.for('...'); globalThis[mySymbol] = ...(fixes [Bug] Reusable VM allows context leak due to global symbol properties #1592).Note: this is a second round over #1519. The code has changed considerably since the first previous review.