fix(builtins): block unset of internal variables and readonly marker bypass#1013
Merged
fix(builtins): block unset of internal variables and readonly marker bypass#1013
Conversation
…bypass Closes #1006 — unset could remove _READONLY_* marker variables directly, defeating readonly protection. Now checks is_internal_variable() in the interpreter's execute_unset_builtin to block removal of all internal markers. Also adds defense-in-depth checks in the Unset builtin struct.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
unset _READONLY_*and other internal marker variables viais_internal_variable()checkexecute_unset_builtinandUnsetbuiltin structWhat & Why
unset _READONLY_FOOcould directly remove the readonly marker, makingFOOmutable again. This defeats readonly protection, which may be security-critical. Now the interpreter's unset handler checksis_internal_variable()before removing any variable, blocking manipulation of all internal markers.Tests Added
unset_readonly_marker_blocked— verifiesunset _READONLY_Xdoesn't defeat readonlyunset_normal_variable_works— verifies normal unset still worksCloses #1006