Fix Prototype Pollution in extend function (CVE-2024-57077) #7
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pull request from 'feature_master_V8QV' to 'master'
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of Fix:
This PR addresses CVE-2024-57077, a Prototype Pollution vulnerability in the extend function. The issue arises because the function does not properly prevent properties like proto, constructor, and prototype from being modified.
Root Cause:
The existing check correctly attempts to skip proto, constructor, and prototype, but the subsequent hasOwnProperty validation was not effectively used due to an empty if block.
This allowed potential prototype pollution attacks by modifying inherited properties of Object.prototype.
Fix Details:
Added a continue; statement inside the hasOwnProperty check to ensure only direct properties of source are copied to target.
This prevents attackers from injecting prototype properties via malicious object assignments.
The extend function now properly validates properties before assigning them, mitigating potential security risks.
Security Impact:
✅ Blocks prototype pollution attempts.
✅ Ensures extend only copies own properties of source.
✅ Maintains backward compatibility without breaking existing functionality.