From a567ef3c6e61eb319f0bfc2671d91061afb01235 Mon Sep 17 00:00:00 2001 From: Alex Kocharin Date: Wed, 20 Mar 2019 20:12:32 +0300 Subject: [PATCH] Restrict data types for object keys fix #475 --- lib/js-yaml/loader.js | 12 ++++ test/issues/0475-case1.yml | 117 +++++++++++++++++++++++++++++++++++++ test/issues/0475-case2.yml | 112 +++++++++++++++++++++++++++++++++++ test/issues/0475.js | 27 +++++++++ 4 files changed, 268 insertions(+) create mode 100644 test/issues/0475-case1.yml create mode 100644 test/issues/0475-case2.yml create mode 100644 test/issues/0475.js diff --git a/lib/js-yaml/loader.js b/lib/js-yaml/loader.js index fe2cb4d0..433ee211 100644 --- a/lib/js-yaml/loader.js +++ b/lib/js-yaml/loader.js @@ -285,6 +285,18 @@ function mergeMappings(state, destination, source, overridableKeys) { function storeMappingPair(state, _result, overridableKeys, keyTag, keyNode, valueNode, startLine, startPos) { var index, quantity; + // The output is a plain object here, so keys can only be strings. + // We need to convert keyNode to a string, but doing so can hang the process + // (deeply nested arrays that explode exponentially using aliases) or execute + // code via toString. + if (Array.isArray(keyNode)) { + for (index = 0, quantity = keyNode.length; index < quantity; index += 1) { + if (Array.isArray(keyNode[index])) { + throwError(state, 'nested arrays are not supported inside keys'); + } + } + } + keyNode = String(keyNode); if (_result === null) { diff --git a/test/issues/0475-case1.yml b/test/issues/0475-case1.yml new file mode 100644 index 00000000..29e78476 --- /dev/null +++ b/test/issues/0475-case1.yml @@ -0,0 +1,117 @@ +? - - &id057 + - &id055 + - &id053 + - &id051 + - &id049 + - &id047 + - &id045 + - &id043 + - &id041 + - &id039 + - &id037 + - &id035 + - &id033 + - &id031 + - &id029 + - &id027 + - &id025 + - &id023 + - &id021 + - &id019 + - &id017 + - &id015 + - &id013 + - &id011 + - &id009 + - &id007 + - &id005 + - &id003 + - &id001 [lol] + - &id002 [lol] + - &id004 + - *id001 + - *id002 + - &id006 + - *id003 + - *id004 + - &id008 + - *id005 + - *id006 + - &id010 + - *id007 + - *id008 + - &id012 + - *id009 + - *id010 + - &id014 + - *id011 + - *id012 + - &id016 + - *id013 + - *id014 + - &id018 + - *id015 + - *id016 + - &id020 + - *id017 + - *id018 + - &id022 + - *id019 + - *id020 + - &id024 + - *id021 + - *id022 + - &id026 + - *id023 + - *id024 + - &id028 + - *id025 + - *id026 + - &id030 + - *id027 + - *id028 + - &id032 + - *id029 + - *id030 + - &id034 + - *id031 + - *id032 + - &id036 + - *id033 + - *id034 + - &id038 + - *id035 + - *id036 + - &id040 + - *id037 + - *id038 + - &id042 + - *id039 + - *id040 + - &id044 + - *id041 + - *id042 + - &id046 + - *id043 + - *id044 + - &id048 + - *id045 + - *id046 + - &id050 + - *id047 + - *id048 + - &id052 + - *id049 + - *id050 + - &id054 + - *id051 + - *id052 + - &id056 + - *id053 + - *id054 + - &id058 + - *id055 + - *id056 + - - *id057 + - *id058 +: key diff --git a/test/issues/0475-case2.yml b/test/issues/0475-case2.yml new file mode 100644 index 00000000..f5c69b53 --- /dev/null +++ b/test/issues/0475-case2.yml @@ -0,0 +1,112 @@ + - &id057 + - &id055 + - &id053 + - &id051 + - &id049 + - &id047 + - &id045 + - &id043 + - &id041 + - &id039 + - &id037 + - &id035 + - &id033 + - &id031 + - &id029 + - &id027 + - &id025 + - &id023 + - &id021 + - &id019 + - &id017 + - &id015 + - &id013 + - &id011 + - &id009 + - &id007 + - &id005 + - &id003 + - &id001 [lol] + - &id002 [lol] + - &id004 + - *id001 + - *id002 + - &id006 + - *id003 + - *id004 + - &id008 + - *id005 + - *id006 + - &id010 + - *id007 + - *id008 + - &id012 + - *id009 + - *id010 + - &id014 + - *id011 + - *id012 + - &id016 + - *id013 + - *id014 + - &id018 + - *id015 + - *id016 + - &id020 + - *id017 + - *id018 + - &id022 + - *id019 + - *id020 + - &id024 + - *id021 + - *id022 + - &id026 + - *id023 + - *id024 + - &id028 + - *id025 + - *id026 + - &id030 + - *id027 + - *id028 + - &id032 + - *id029 + - *id030 + - &id034 + - *id031 + - *id032 + - &id036 + - *id033 + - *id034 + - &id038 + - *id035 + - *id036 + - &id040 + - *id037 + - *id038 + - &id042 + - *id039 + - *id040 + - &id044 + - *id041 + - *id042 + - &id046 + - *id043 + - *id044 + - &id048 + - *id045 + - *id046 + - &id050 + - *id047 + - *id048 + - &id052 + - *id049 + - *id050 + - &id054 + - *id051 + - *id052 + - &id056 + - *id053 + - *id054 + - *id057 : 1 diff --git a/test/issues/0475.js b/test/issues/0475.js new file mode 100644 index 00000000..3727560a --- /dev/null +++ b/test/issues/0475.js @@ -0,0 +1,27 @@ +'use strict'; + + +var assert = require('assert'); +var yaml = require('../../'); +var readFileSync = require('fs').readFileSync; + + +test('Should not allow nested arrays in map keys (explicit syntax)', function () { + try { + yaml.safeLoad(readFileSync(require('path').join(__dirname, '/0475-case1.yml'), 'utf8')); + } catch (err) { + assert(err.stack.startsWith('YAMLException: nested arrays are not supported inside keys')); + return; + } + assert.fail(null, null, 'Expected an error to be thrown'); +}); + +test('Should not allow nested arrays in map keys (implicit syntax)', function () { + try { + yaml.safeLoad(readFileSync(require('path').join(__dirname, '/0475-case2.yml'), 'utf8')); + } catch (err) { + assert(err.stack.startsWith('YAMLException: nested arrays are not supported inside keys')); + return; + } + assert.fail(null, null, 'Expected an error to be thrown'); +});