fix(core): Filter out prototype and constructor lookups in expressions (#10382)

2025-12-18 02:21:13 +00:00 · 2024-08-13 16:57:01 +01:00
parent 117e2d968f
commit 8e7d29ad3c
7 changed files with 162 additions and 10 deletions
--- a/packages/workflow/test/Expression.test.ts
+++ b/packages/workflow/test/Expression.test.ts
@@ -74,7 +74,9 @@ for (const evaluator of ['tmpl', 'tournament'] as const) {
 				expect(evaluate('={{Reflect}}')).toEqual({});
 				expect(evaluate('={{Proxy}}')).toEqual({});

-				expect(evaluate('={{constructor}}')).toEqual({});
+				expect(() => evaluate('={{constructor}}')).toThrowError(
+					new ExpressionError('Cannot access "constructor" due to security concerns'),
+				);

 				expect(evaluate('={{escape}}')).toEqual({});
 				expect(evaluate('={{unescape}}')).toEqual({});
@@ -166,7 +168,7 @@ for (const evaluator of ['tmpl', 'tournament'] as const) {
 				const testFn = jest.fn();
 				Object.assign(global, { testFn });
 				expect(() => evaluate("={{ Date['constructor']('testFn()')()}}")).toThrowError(
-					new ExpressionError('Arbitrary code execution detected'),
+					new ExpressionError('Cannot access "constructor" due to security concerns'),
 				);
 				expect(testFn).not.toHaveBeenCalled();
 			});
--- a/packages/workflow/test/ExpressionSandboxing.test.ts
+++ b/packages/workflow/test/ExpressionSandboxing.test.ts
@@ -0,0 +1,84 @@
+import { PrototypeSanitizer, sanitizer } from '@/ExpressionSandboxing';
+import { Tournament } from '@n8n/tournament';
+
+const tournament = new Tournament(
+	(e) => {
+		throw e;
+	},
+	undefined,
+	undefined,
+	{
+		before: [],
+		after: [PrototypeSanitizer],
+	},
+);
+
+const errorRegex = /^Cannot access ".*" due to security concerns$/;
+
+describe('PrototypeSanitizer', () => {
+	describe('Static analysis', () => {
+		it('should not allow access to __proto__', () => {
+			expect(() => {
+				tournament.execute('{{ ({}).__proto__.__proto__ }}', {});
+			}).toThrowError(errorRegex);
+
+			expect(() => {
+				tournament.execute('{{ ({})["__proto__"]["__proto__"] }}', {});
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to prototype', () => {
+			expect(() => {
+				tournament.execute('{{ Number.prototype }}', { Number });
+			}).toThrowError(errorRegex);
+
+			expect(() => {
+				tournament.execute('{{ Number["prototype"] }}', { Number });
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to constructor', () => {
+			expect(() => {
+				tournament.execute('{{ Number.constructor }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+
+			expect(() => {
+				tournament.execute('{{ Number["constructor"] }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+		});
+	});
+
+	describe('Runtime', () => {
+		it('should not allow access to __proto__', () => {
+			expect(() => {
+				tournament.execute('{{ ({})["__" + (() => "proto")() + "__"] }}', {
+					__sanitize: sanitizer,
+				});
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to prototype', () => {
+			expect(() => {
+				tournament.execute('{{ Number["pro" + (() => "toty")() + "pe"] }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+		});
+
+		it('should not allow access to constructor', () => {
+			expect(() => {
+				tournament.execute('{{ Number["cons" + (() => "truc")() + "tor"] }}', {
+					__sanitize: sanitizer,
+					Number,
+				});
+			}).toThrowError(errorRegex);
+		});
+	});
+});