From 1d89c5d1e16d67962db2735efc601b48bd78255d Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Wed, 23 Oct 2019 11:06:57 -0700
Subject: cli: whitelist new V8 flag in NODE_OPTIONS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Explicitly whitelists --disallow-code-generation-from-strings in
NODE_OPTIONS as a new V8 flag. This flag prevents strings like eval()
from performing code generation.

PR-URL: https://github.com/nodejs/node/pull/30094
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 src/node_options.cc | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src')

diff --git a/src/node_options.cc b/src/node_options.cc
index 8ec469d3ac..695d7cee65 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -589,6 +589,10 @@ PerIsolateOptionsParser::PerIsolateOptionsParser(
             V8Option{},
             kAllowedInEnvironment);
   AddOption("--stack-trace-limit", "", V8Option{}, kAllowedInEnvironment);
+  AddOption("--disallow-code-generation-from-strings",
+            "disallow eval and friends",
+            V8Option{},
+            kAllowedInEnvironment);
 
 #ifdef NODE_REPORT
   AddOption("--report-uncaught-exception",
-- 
cgit v1.2.3