policy: ensure workers do not read fs for policy

This prevents a main thread from rewriting the policy file and loading a worker that has a different policy from the main thread. PR-URL: https://github.com/nodejs/node/pull/25710 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
author: Bradley Farias <bradley.meck@gmail.com> 2019-01-23 16:21:46 -0600
committer: Daniel Bevenius <daniel.bevenius@gmail.com> 2019-01-29 08:08:50 +0100
commit: 78982389ce9265f5f65cd9e8a192e05389506927 (patch)
tree: eb20a408615edbc768ed025470c30e6ef5927f4e /lib/internal/process/policy.js
parent: d4d76b6be07841e4416fc5ab1445b73638fcea6a (diff)
download: android-node-v8-78982389ce9265f5f65cd9e8a192e05389506927.tar.gz
android-node-v8-78982389ce9265f5f65cd9e8a192e05389506927.tar.bz2
android-node-v8-78982389ce9265f5f65cd9e8a192e05389506927.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/internal/process/policy.js b/lib/internal/process/policy.js
index 0b037d4ef5..823130e3c1 100644
--- a/lib/internal/process/policy.js
+++ b/lib/internal/process/policy.js
@@ -5,10 +5,14 @@ const {
 } = require('internal/errors').codes;
 const { Manifest } = require('internal/policy/manifest');
 let manifest;
+let manifestSrc;
+let manifestURL;
 
 module.exports = Object.freeze({
   __proto__: null,
   setup(src, url) {
+    manifestSrc = src;
+    manifestURL = url;
     if (src === null) {
       manifest = null;
       return;
@@ -31,6 +35,20 @@ module.exports = Object.freeze({
     return manifest;
   },
 
+  get src() {
+    if (typeof manifestSrc === 'undefined') {
+      throw new ERR_MANIFEST_TDZ();
+    }
+    return manifestSrc;
+  },
+
+  get url() {
+    if (typeof manifestURL === 'undefined') {
+      throw new ERR_MANIFEST_TDZ();
+    }
+    return manifestURL;
+  },
+
   assertIntegrity(moduleURL, content) {
     this.manifest.matchesIntegrity(moduleURL, content);
   }
author	Bradley Farias <bradley.meck@gmail.com>	2019-01-23 16:21:46 -0600
committer	Daniel Bevenius <daniel.bevenius@gmail.com>	2019-01-29 08:08:50 +0100
commit	78982389ce9265f5f65cd9e8a192e05389506927 (patch)
tree	eb20a408615edbc768ed025470c30e6ef5927f4e /lib/internal/process/policy.js
parent	d4d76b6be07841e4416fc5ab1445b73638fcea6a (diff)
download	android-node-v8-78982389ce9265f5f65cd9e8a192e05389506927.tar.gz android-node-v8-78982389ce9265f5f65cd9e8a192e05389506927.tar.bz2 android-node-v8-78982389ce9265f5f65cd9e8a192e05389506927.zip