Skip to content

Commit

Permalink
fix(es/minifier): Abort eval on valueOf or toString (#8763)
Browse files Browse the repository at this point in the history
**Related issue:**

 - Closes #8704
 - Closes #8705
  • Loading branch information
kdy1 authored Mar 20, 2024
1 parent 6fba5f7 commit 9f98a70
Show file tree
Hide file tree
Showing 11 changed files with 171 additions and 6 deletions.
64 changes: 64 additions & 0 deletions crates/swc/tests/fixture/issues-8xxx/8705/input/.swcrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
{
"jsc": {
"parser": {
"syntax": "ecmascript",
"jsx": false
},
"target": "es2022",
"loose": false,
"minify": {
"compress": {
"arguments": false,
"arrows": true,
"booleans": true,
"booleans_as_integers": false,
"collapse_vars": true,
"comparisons": true,
"computed_props": true,
"conditionals": true,
"dead_code": true,
"directives": true,
"drop_console": false,
"drop_debugger": true,
"evaluate": true,
"expression": false,
"hoist_funs": false,
"hoist_props": true,
"hoist_vars": false,
"if_return": true,
"join_vars": true,
"keep_classnames": false,
"keep_fargs": true,
"keep_fnames": false,
"keep_infinity": false,
"loops": true,
"negate_iife": true,
"properties": true,
"reduce_funcs": false,
"reduce_vars": false,
"side_effects": true,
"switches": true,
"typeofs": true,
"unsafe": false,
"unsafe_arrows": false,
"unsafe_comps": false,
"unsafe_Function": false,
"unsafe_math": false,
"unsafe_symbols": false,
"unsafe_methods": false,
"unsafe_proto": false,
"unsafe_regexp": false,
"unsafe_undefined": false,
"unused": true,
"const_to_let": true,
"pristine_globals": true
},
"mangle": false
}
},
"module": {
"type": "es6"
},
"minify": false,
"isModule": true
}
1 change: 1 addition & 0 deletions crates/swc/tests/fixture/issues-8xxx/8705/input/1.js
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
console.log(Math.pow({ valueOf() { return 42 } }, 1))
3 changes: 3 additions & 0 deletions crates/swc/tests/fixture/issues-8xxx/8705/output/1.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
console.log(Math.pow({
valueOf: ()=>42
}, 1));
47 changes: 47 additions & 0 deletions crates/swc_ecma_minifier/tests/fixture/issues/8704/config.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
{
"defaults": true,
"arguments": false,
"arrows": true,
"booleans": true,
"booleans_as_integers": false,
"collapse_vars": true,
"comparisons": true,
"computed_props": true,
"conditionals": true,
"dead_code": true,
"directives": true,
"drop_console": false,
"drop_debugger": true,
"evaluate": true,
"expression": false,
"hoist_funs": false,
"hoist_props": true,
"hoist_vars": false,
"if_return": true,
"join_vars": true,
"keep_classnames": false,
"keep_fargs": true,
"keep_fnames": false,
"keep_infinity": false,
"loops": true,
"negate_iife": true,
"properties": true,
"reduce_funcs": false,
"reduce_vars": false,
"side_effects": true,
"switches": true,
"typeofs": true,
"unsafe": false,
"unsafe_arrows": false,
"unsafe_comps": false,
"unsafe_Function": false,
"unsafe_math": false,
"unsafe_symbols": false,
"unsafe_methods": false,
"unsafe_proto": false,
"unsafe_regexp": false,
"unsafe_undefined": false,
"unused": true,
"const_to_let": true,
"pristine_globals": true
}
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
console.log({ toString() { return 'swc' } } + '')
3 changes: 3 additions & 0 deletions crates/swc_ecma_minifier/tests/fixture/issues/8704/output.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
console.log({
toString: ()=>'swc'
} + '');
47 changes: 47 additions & 0 deletions crates/swc_ecma_minifier/tests/fixture/issues/8705/config.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
{
"defaults": true,
"arguments": false,
"arrows": true,
"booleans": true,
"booleans_as_integers": false,
"collapse_vars": true,
"comparisons": true,
"computed_props": true,
"conditionals": true,
"dead_code": true,
"directives": true,
"drop_console": false,
"drop_debugger": true,
"evaluate": true,
"expression": false,
"hoist_funs": false,
"hoist_props": true,
"hoist_vars": false,
"if_return": true,
"join_vars": true,
"keep_classnames": false,
"keep_fargs": true,
"keep_fnames": false,
"keep_infinity": false,
"loops": true,
"negate_iife": true,
"properties": true,
"reduce_funcs": false,
"reduce_vars": false,
"side_effects": true,
"switches": true,
"typeofs": true,
"unsafe": false,
"unsafe_arrows": false,
"unsafe_comps": false,
"unsafe_Function": false,
"unsafe_math": false,
"unsafe_symbols": false,
"unsafe_methods": false,
"unsafe_proto": false,
"unsafe_regexp": false,
"unsafe_undefined": false,
"unused": true,
"const_to_let": true,
"pristine_globals": true
}
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
console.log(Math.pow({ valueOf() { return 42 } }, 1))
3 changes: 3 additions & 0 deletions crates/swc_ecma_minifier/tests/fixture/issues/8705/output.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
console.log(Math.pow({
valueOf: ()=>42
}, 1));
Original file line number Diff line number Diff line change
Expand Up @@ -661,10 +661,6 @@ fn test_folding_mix_types_early() {
fn test_folding_add1() {
fold("x = null + true", "x=1");
fold_same("x = a + true");
fold("x = '' + {}", "x = \"[object Object]\"");
fold("x = [] + {}", "x = \"[object Object]\"");
fold("x = {} + []", "x = \"[object Object]\"");
fold("x = {} + ''", "x = \"[object Object]\"");
}

#[test]
Expand Down
3 changes: 1 addition & 2 deletions crates/swc_ecma_utils/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -935,7 +935,7 @@ pub trait ExprExt {
}
}

Expr::Tpl(..) | Expr::Object(ObjectLit { .. }) | Expr::Array(ArrayLit { .. }) => {
Expr::Tpl(..) => {
return (
Pure,
num_from_str(&match self.as_pure_string(ctx) {
Expand Down Expand Up @@ -1058,7 +1058,6 @@ pub trait ExprExt {
}
Known(buf.into())
}
Expr::Object(ObjectLit { .. }) => Known(Cow::Borrowed("[object Object]")),
_ => Unknown,
}
}
Expand Down

0 comments on commit 9f98a70

Please sign in to comment.