From 91ba14731776b85aa4335839a6b923c9ae023941 Mon Sep 17 00:00:00 2001 From: Jonas Jenwald Date: Fri, 18 Apr 2025 12:19:29 +0200 Subject: [PATCH] Check that the `Object.prototype` hasn't been incorrectly extended (PR 11582 follow-up) This complements, and extends, the existing check of the `Array.prototype` in the worker-thread. To simplify the implementation we'll now abort immediately, rather than collecting all "bad" properties. --- src/core/worker.js | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/src/core/worker.js b/src/core/worker.js index 25dd08ee0..eb51bacfa 100644 --- a/src/core/worker.js +++ b/src/core/worker.js @@ -123,20 +123,19 @@ class WorkerMessageHandler { if (typeof PDFJSDev === "undefined" || PDFJSDev.test("GENERIC")) { // Fail early, and predictably, rather than having (some) fonts fail to // load/render with slightly cryptic error messages in environments where - // the `Array.prototype` has been *incorrectly* extended. + // the `{Object, Array}.prototype` has been *incorrectly* extended. // // PLEASE NOTE: We do *not* want to slow down font parsing by adding // `hasOwnProperty` checks all over the code-base. - const enumerableProperties = []; - for (const property in []) { - enumerableProperties.push(property); + const buildMsg = (type, prop) => + `The \`${type}.prototype\` contains unexpected enumerable property ` + + `"${prop}", thus breaking e.g. \`for...in\` iteration of ${type}s.`; + + for (const prop in {}) { + throw new Error(buildMsg("Object", prop)); } - if (enumerableProperties.length) { - throw new Error( - "The `Array.prototype` contains unexpected enumerable properties: " + - enumerableProperties.join(", ") + - "; thus breaking e.g. `for...in` iteration of `Array`s." - ); + for (const prop in []) { + throw new Error(buildMsg("Array", prop)); } } const workerHandlerName = docId + "_worker";