Add RuntimeConfig option to disable ArrayBuffer et al.
Summary:
Add a RuntimeConfig option to disable ArrayBuffer, DataView and all typed arrays.

When disabled, the constructors are absent from the global object, and none of their methods are even defined. As a last line of defense, the process will terminate if an ArrayBuffer is somehow still accessed.

Reviewed By: neildhar

Differential Revision: D37470100

fbshipit-source-id: 289b3eee3afd9f24bcddc46c9bc381c410cf20e1
kodafb authored and facebook-github-bot committed Jun 28, 2022
1 parent b823515 commit 4779dd1
Showing 5 changed files with 26 additions and 7 deletions.
4 changes: 4 additions & 0 deletions include/hermes/VM/JSArrayBuffer.h
Expand Up @@ -68,6 +68,10 @@ class JSArrayBuffer final : public JSObject {
/// if the ArrayBuffer is empty.
/// \pre attached() must be true
uint8_t *getDataBlock(Runtime &runtime) {
// This check should never fail, because all ways to illegally access
// ArrayBuffer should raise exceptions. It's here as a last line of defense.
if (!runtime.hasArrayBuffer())
hermes_fatal("Illegal access to ArrayBuffer");
assert(attached() && "Cannot get a data block from a detached ArrayBuffer");
return data_.get(runtime);
}
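Review bot: The new fatal check sits only in `getDataBlock`, so it acts as a last line of defense only for callers that reach the buffer through this accessor; the rest of JSArrayBuffer is outside the hunk, and any member that reads `data_` directly would not hit it. It is worth confirming that every data access goes through `getDataBlock`, and recording the new behaviour next to the existing `\pre`, for example `/// \note Terminates the process via hermes_fatal if the runtime was created with ArrayBuffer disabled.` The check is placed ahead of the `assert`, so it stays active in builds where assertions are compiled out, which is what a hardening check needs.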
7 changes: 7 additions & 0 deletions include/hermes/VM/Runtime.h
Expand Up @@ -852,6 +852,10 @@ class Runtime : public PointerBase,
return hasIntl_;
}

bool hasArrayBuffer() const {
return hasArrayBuffer_;
}

bool useJobQueue() const {
return getVMExperimentFlags() & experiments::JobQueue;
}
Expand Down Expand Up @@ -1117,6 +1121,9 @@ class Runtime : public PointerBase,
/// Set to true if we should enable ECMA-402 Intl APIs.
const bool hasIntl_;

/// Set to true if we should enable ArrayBuffer, DataView and typed arrays.
const bool hasArrayBuffer_;

/// Set to true if we should randomize stack placement etc.
const bool shouldRandomizeMemoryLayout_;

18 changes: 11 additions & 7 deletions lib/VM/JSLib/GlobalObject.cpp
Expand Up @@ -587,21 +587,25 @@ void initGlobalObject(Runtime &runtime, const JSLibFlags &jsLibFlags) {
// Array constructor.
createArrayConstructor(runtime);

// ArrayBuffer constructor.
createArrayBufferConstructor(runtime);
if (runtime.hasArrayBuffer()) {
// ArrayBuffer constructor.
createArrayBufferConstructor(runtime);

// DataView constructor.
createDataViewConstructor(runtime);
// DataView constructor.
createDataViewConstructor(runtime);

// TypedArrayBase constructor.
runtime.typedArrayBaseConstructor =
createTypedArrayBaseConstructor(runtime).getHermesValue();
// TypedArrayBase constructor.
runtime.typedArrayBaseConstructor =
createTypedArrayBaseConstructor(runtime).getHermesValue();

#define TYPED_ARRAY(name, type) \
runtime.name##ArrayConstructor = \
create##name##ArrayConstructor(runtime).getHermesValue(); \
gcScope.clearAllHandles();
#include "hermes/VM/TypedArrays.def"
} else {
gcScope.clearAllHandles();
} // hasArrayBuffer

// Set constructor.
createSetConstructor(runtime);
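Review bot: With ArrayBuffer disabled, `runtime.typedArrayBaseConstructor` and every `runtime.name##ArrayConstructor` slot are never assigned in this function, so they keep whatever value they were initialised with, which is not visible here. Any runtime code that reads those slots, or that creates an ArrayBuffer or typed array internally rather than through the global constructors, has to tolerate that state, and none of the five changed files is a test that runs with the option off. A comment in the else branch such as `// Typed array constructor slots keep their initial value; nothing may read them when ArrayBuffer is disabled.` would record the invariant. A test that builds a Runtime with the option disabled and checks that `ArrayBuffer`, `DataView` and the typed array names are absent from the global object would pin the behaviour. The body of initGlobalObject starts and ends outside the hunk.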
1 change: 1 addition & 0 deletions lib/VM/Runtime.cpp
Expand Up @@ -224,6 +224,7 @@ Runtime::Runtime(
hasES6Promise_(runtimeConfig.getES6Promise()),
hasES6Proxy_(runtimeConfig.getES6Proxy()),
hasIntl_(runtimeConfig.getIntl()),
hasArrayBuffer_(runtimeConfig.getArrayBuffer()),
shouldRandomizeMemoryLayout_(runtimeConfig.getRandomizeMemoryLayout()),
bytecodeWarmupPercent_(runtimeConfig.getBytecodeWarmupPercent()),
trackIO_(runtimeConfig.getTrackIO()),
3 changes: 3 additions & 0 deletions public/hermes/Public/RuntimeConfig.h
Expand Up @@ -61,6 +61,9 @@ class PinnedHermesValue;
/* Support for ECMA-402 Intl APIs. */ \
F(constexpr, bool, Intl, true) \
\
/* Support for ArrayBuffer, DataView and typed arrays. */ \
F(constexpr, bool, ArrayBuffer, true) \
\
/* Enable synth trace. */ \
F(constexpr, bool, TraceEnabled, false) \
\
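Review bot: The comment on the new `ArrayBuffer` option does not tell embedders what setting it to false actually does. Per the commit description, the constructors are left off the global object and any remaining ArrayBuffer access terminates the process, which is a behaviour an integrator needs to know before turning the option off in a public header. I would spell it out, e.g. `/* Support for ArrayBuffer, DataView and typed arrays. When false, their constructors are not installed and any ArrayBuffer data access is fatal. */`, keeping the trailing line continuation. The macro list continues outside the hunk.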
