From 19fe7c614bc09a808f92ecf680e5de51e9bfccf8 Mon Sep 17 00:00:00 2001
From: Nicolas DUBIEN <github@dubien.org>
Date: Fri, 13 Dec 2024 00:13:39 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Make=20depth=20retrieval=20more?=
 =?UTF-8?q?=20resilient=20to=20poisoning=20(#5515)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

**Description**

<!-- Please provide a short description and potentially linked issues
justifying the need for this PR -->
Retrieving the depth is a shared operations that can be leveraged by
various of our arbitraries. Its current implementation was possibly
leading to poisoning crashes into some very specific circumstances. This
PR drops a few remaing problematic cases.

In theory, while backing ourselves against poisoning is important for
us, it should not bring any visible difference to our users except into
very corrupted and vulnerable code they could have wrote.
<!-- * Your PR is fixing a bug or regression? Check for existing issues
related to this bug and link them -->
<!-- * Your PR is adding a new feature? Make sure there is a related
issue or discussion attached to it -->

<!-- You can provide any additional context to help into understanding
what's this PR is attempting to solve: reproduction of a bug, code
snippets... -->

**Checklist** — _Don't delete this checklist and make sure you do the
following before opening the PR_

- [x] The name of my PR follows [gitmoji](https://gitmoji.dev/)
specification
- [x] My PR references one of several related issues (if any)
- [x] New features or breaking changes must come with an associated
Issue or Discussion
- [x] My PR does not add any new dependency without an associated Issue
or Discussion
- [x] My PR includes bumps details, please run `yarn bump` and flag the
impacts properly
- [x] My PR adds relevant tests and they would have failed without my PR
(when applicable)

<!-- More about contributing at
https://github.com/dubzzz/fast-check/blob/main/CONTRIBUTING.md -->

**Advanced**

<!-- How to fill the advanced section is detailed below! -->

- [x] Category: 🐛 Fix a bug
- [x] Impacts: None expected, should be more resilient to poisoning

<!-- [Category] Please use one of the categories below, it will help us
into better understanding the urgency of the PR -->
<!-- * ✨ Introduce new features -->
<!-- * 📝 Add or update documentation -->
<!-- * ✅ Add or update tests -->
<!-- * 🐛 Fix a bug -->
<!-- * 🏷️ Add or update types -->
<!-- * ⚡️ Improve performance -->
<!-- * _Other(s):_ ... -->

<!-- [Impacts] Please provide a comma separated list of the potential
impacts that might be introduced by this change -->
<!-- * Generated values: Can your change impact any of the existing
generators in terms of generated values, if so which ones? when? -->
<!-- * Shrink values: Can your change impact any of the existing
generators in terms of shrink values, if so which ones? when? -->
<!-- * Performance: Can it require some typings changes on user side?
Please give more details -->
<!-- * Typings: Is there a potential performance impact? In which cases?
-->
---
 .changeset/lazy-lamps-repair.md                             | 5 +++++
 .../src/arbitrary/_internals/helpers/DepthContext.ts        | 6 ++++--
 2 files changed, 9 insertions(+), 2 deletions(-)
 create mode 100644 .changeset/lazy-lamps-repair.md

diff --git a/.changeset/lazy-lamps-repair.md b/.changeset/lazy-lamps-repair.md
new file mode 100644
index 00000000000..9445dacc3a5
--- /dev/null
+++ b/.changeset/lazy-lamps-repair.md
@@ -0,0 +1,5 @@
+---
+"fast-check": patch
+---
+
+🐛 Make depth retrieval more resilient to poisoning
diff --git a/packages/fast-check/src/arbitrary/_internals/helpers/DepthContext.ts b/packages/fast-check/src/arbitrary/_internals/helpers/DepthContext.ts
index 75ecc95b265..842a48cf093 100644
--- a/packages/fast-check/src/arbitrary/_internals/helpers/DepthContext.ts
+++ b/packages/fast-check/src/arbitrary/_internals/helpers/DepthContext.ts
@@ -1,3 +1,5 @@
+import { safeMapGet, safeMapSet } from '../../../utils/globals';
+
 /**
  * Internal symbol used to declare an opaque type for DepthIdentifier
  * @internal
@@ -54,12 +56,12 @@ export function getDepthContextFor(contextMeta: DepthContext | DepthIdentifier |
   if (typeof contextMeta !== 'string') {
     return contextMeta as DepthContext;
   }
-  const cachedContext = depthContextCache.get(contextMeta);
+  const cachedContext = safeMapGet(depthContextCache, contextMeta);
   if (cachedContext !== undefined) {
     return cachedContext;
   }
   const context = { depth: 0 };
-  depthContextCache.set(contextMeta, context);
+  safeMapSet(depthContextCache, contextMeta, context);
   return context;
 }