admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 18:12:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(core): Allow $evaluateExpression to resolve in task runners (#14641)

Browse Source
This commit is contained in:
Iván Ovejero
2025-04-15 20:27:26 +02:00
committed by GitHub
parent 57444d3a16
commit 7c1be05845
3 changed files with 11 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
packages/workflow/src/Expression.ts
View File

@@ -49,17 +49,6 @@ setErrorHandler((error: Error) => {
if (isExpressionError(error)) throw error;
});
const AsyncFunction = (async () => {}).constructor as FunctionConstructor;
const fnConstructors = {
sync: Function.prototype.constructor,
async: AsyncFunction.prototype.constructor,
mock: () => {
throw new ExpressionError('Arbitrary code execution detected');
},
};
export class Expression {
constructor(private readonly workflow: Workflow) {}
@@ -217,8 +206,6 @@ export class Expression {
data.Reflect = {};
data.Proxy = {};
data.constructor = {};
// Deprecated
data.escape = {};
data.unescape = {};
@@ -345,10 +332,6 @@ export class Expression {
data: IWorkflowDataProxyData,
): tmpl.ReturnValue | undefined {
try {
[Function, AsyncFunction].forEach(({ prototype }) =>
Object.defineProperty(prototype, 'constructor', { value: fnConstructors.mock }),
);
return evaluateExpression(expression, data);
} catch (error) {
if (isExpressionError(error)) throw error;
@@ -362,11 +345,6 @@ export class Expression {
throw new ApplicationError(match.groups.msg);
}
} finally {
Object.defineProperty(Function.prototype, 'constructor', { value: fnConstructors.sync });
Object.defineProperty(AsyncFunction.prototype, 'constructor', {
value: fnConstructors.async,
});
}
return null;

9
packages/workflow/test/Expression.test.ts
View File

@@ -165,15 +165,6 @@ for (const evaluator of ['tmpl', 'tournament'] as const) {
expect(evaluate('={{Boolean(1)}}')).toEqual(Boolean(1));
expect(evaluate('={{Symbol(1).toString()}}')).toEqual(Symbol(1).toString());
});
it('should not able to do arbitrary code execution', () => {
const testFn = jest.fn();
Object.assign(global, { testFn });
expect(() => evaluate("={{ Date['constructor']('testFn()')()}}")).toThrowError(
new ExpressionError('Cannot access "constructor" due to security concerns'),
);
expect(testFn).not.toHaveBeenCalled();
});
});
describe('Test all expression value fixtures', () => {