From 0b366b21d24a0c349e342828da36260c2b928f3e Mon Sep 17 00:00:00 2001 
From: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Date: Fri, 25 Oct 2024 00:02:13 +1100 Subject: [PATCH] [8.16] [CodeQL] resolve issue with prototype pollution (#196685) (#197614) # Backport This will backport the following commits from `main` to `8.16`: - [[CodeQL] resolve issue with prototype pollution (#196685)](https://github.com/elastic/kibana/pull/196685) ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) \r\n\r\nCo-authored-by: Elastic Machine ","sha":"7164a343e5f101e1790ffa484d649e700cdc05b2","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","v9.0.0","Team:SharedUX","backport:prev-major","v7.17.26"],"title":"[CodeQL] resolve issue with prototype pollution","number":196685,"url":"https://github.com/elastic/kibana/pull/196685","mergeCommit":{"message":"[CodeQL] resolve issue with prototype pollution (#196685)\n\n## Summary\r\n\r\nRelates to https://github.com/elastic/kibana-team/issues/1102\r\n\r\nParticularly addresses issues with prototype pollution\r\n\r\n\r\n\r\nCo-authored-by: Elastic Machine ","sha":"7164a343e5f101e1790ffa484d649e700cdc05b2"}},"sourceBranch":"main","suggestedTargetBranches":["7.17"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196685","number":196685,"mergeCommit":{"message":"[CodeQL] resolve issue with prototype pollution (#196685)\n\n## Summary\r\n\r\nRelates to https://github.com/elastic/kibana-team/issues/1102\r\n\r\nParticularly addresses issues with prototype pollution\r\n\r\n\r\n\r\nCo-authored-by: Elastic Machine ","sha":"7164a343e5f101e1790ffa484d649e700cdc05b2"}},{"branch":"7.17","label":"v7.17.26","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Eyo 
O. Eyo <7893459+eokoneyo@users.noreply.github.com>
---
 .../src/ui_settings_client_common.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts b/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts
index 32740c6a6fbe7..6ece79b0a675c 100644
--- a/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts
+++ b/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts
@@ -38,7 +38,11 @@ export abstract class UiSettingsClientCommon implements IUiSettingsClient {
   constructor(params: UiSettingsClientParams) {
     this.api = params.api;
     this.defaults = cloneDeep(params.defaults);
-    this.cache = defaultsDeep({}, this.defaults, cloneDeep(params.initialSettings));
+    this.cache = defaultsDeep(
+      Object.create(null),
+      this.defaults,
+      cloneDeep(params.initialSettings)
+    );
 
     params.done$.subscribe({
       complete: () => {
@@ -102,7 +106,10 @@ You can use \`IUiSettingsClient.get("${key}", defaultValue)\`, which will just r
   }
 
   isDeclared(key: string) {
-    return key in this.cache;
+    return (
+      // @ts-ignore
+      (key !== '__proto__' || key !== 'constructor' || key !== 'prototype') && key in this.cache
+    );
   }
 
   isDefault(key: string) {
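Review bot: The guard added to `isDeclared` in the second hunk is a tautology: `key !== '__proto__' || key !== 'constructor' || key !== 'prototype'` is true for every string, because no key can equal all three at once, so `key in this.cache` is still evaluated for exactly the names the change means to reject, and the `// @ts-ignore` is most likely silencing the compiler's "types have no overlap" error that points at this very mistake. Replace the parenthesised expression with `return !['__proto__', 'constructor', 'prototype'].includes(key) && key in this.cache;` and drop the `@ts-ignore`, which then has nothing to suppress. The `Object.create(null)` base in the first hunk already keeps inherited names out of an `in` check on the initial cache, but that only holds as long as every later assignment to `this.cache` (outside this hunk) also produces a null-prototype object, so the explicit blocklist is worth getting right rather than relying on it. A short comment such as `// Reject prototype keys explicitly; the cache is null-prototype today but this check must not depend on it` would record that intent for the next reader.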