[Security Solution] Fix code scanning alert no. 469: Prototype-pollut…

…ing function (#201712)

Fixes
[https://github.com/elastic/kibana/security/code-scanning/469](https://github.com/elastic/kibana/security/code-scanning/469)

While I don't think this is actually an issue, as source is only a set
of ecs fields that ultimately are defined in the code and not controlled
by the user
https://github.com/elastic/kibana/blob/main/packages/kbn-alerts-as-data-utils/src/search/security/fields.ts#L47
This suggested fix doesn't have any negative impact/makes it future
proof if ever used elsewhere.

To fix the prototype pollution issue in the `deepMerge` function, we
need to ensure that the function does not copy the special properties
`__proto__` and `constructor`. Additionally, we should verify that the
properties being copied are own properties of the `source` object. This
can be achieved by adding checks within the `deepMerge` function.


_Suggested fixes powered by Copilot Autofix. Review carefully before
merging._

---------

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: kibanamachine <[email protected]>

x-pack/plugins/timelines/server/search_strategy/timeline/factory/helpers/format_timeline_data.ts

@@ -34,7 +34,14 @@ const createBaseTimelineEdges = (): TimelineEdges => ({
 
 function deepMerge(target: EventSource, source: EventSource) {
   for (const key in source) {
-    if (source && source[key] instanceof Object && target && target[key] instanceof Object) {
+    if (
+      !Object.prototype.hasOwnProperty.call(source, key) ||
+      key === '__proto__' ||
+      key === 'constructor'
+    )
+      // eslint-disable-next-line no-continue
+      continue;
+    if (source[key] instanceof Object && target[key] instanceof Object) {
       deepMerge(target[key], source[key]);
     } else {
       target[key] = source[key];