fix: prepare for far classes #1251
Conversation
erights
changed the base branch from
master
to
4333-markm-stricter-passStyleOf
erights
force-pushed
the
markm-prepare-for-far-classes
branch
2 times, most recently
from
0b06470 to
f04036b
Compare
|
ping |
There was a problem hiding this comment.
I'm requesting confirmation on the recursion depth question.
Also, this review uncovered behavior that smells like a bug: nothing checks if a prototype is hardened, so it can change underneath passStyleOf.
import "@endo/init";
import { Far, passStyleOf, PASS_STYLE } from "@endo/marshal";
const nonEnumerable = { configurable: true, writable: true, enumerable: false };
const mercurialProto = new Proxy(
Object.defineProperties({}, {
[PASS_STYLE]: { ...nonEnumerable, value: "remotable" },
[Symbol.toStringTag]: { ...nonEnumerable, value: "Remotable" },
}),
{
getPrototypeOf(obj) {
// Self-mutate after returning the original prototype one time
// (to checkRemotableProtoOf).
if (obj[PASS_STYLE] !== "error") {
obj[PASS_STYLE] = "error";
return Object.prototype;
}
return Error.prototype;
},
}
);
const makeInput = () => Object.freeze({ __proto__: mercurialProto });
const input1 = makeInput();
const input2 = makeInput();
console.log("# passStyleOf(input1)");
console.log(passStyleOf(input1)); // => "remotable"
/* same because of passStyleMemo WeakMap */
console.log(`# passStyleOf(input1) again (cached "Purely for performance")`);
console.log(passStyleOf(input1)); // => "remotable"
/* different because of changes in the prototype */
console.log("# passStyleOf(input2)");
console.log(passStyleOf(input2)); // => Error (Errors must inherit from an error class .prototype)
Hi @gibson042 , when you tried this experiment, was that on a system that was pre or post #1250 ? Your attack seems much like Agoric/agoric-sdk#4333 , which I believe I fixed in #1250, and which this PR relies on. Note that I fixed 4333 only in #1250 in endo. I did not fix the patch in agoric-sdk, so it you're testing that, your attack should still work. In any case, worried that #1250 didn't really fix it, I tried your test case, which I will add to this PR. I'm pleased to report that your first call to Nevertheless, I will carefully review the code and see if any variation of this attack seems possible. PTAL and see if you can still find any way to attack the system. Further note: Even though your attack as written fails, looking again, I'm not yet sure I understand what's going on. More news as I figure it out. More news: I read it more carefully and traced it through with the debugger. I think the code is indeed doing the right thing for the right reason, and is not open to this attack. Can you still find any way to attack it? |
erights
force-pushed
the
markm-prepare-for-far-classes
branch
from
f04036b to
3a6eca2
Compare
In order to support Agoric/agoric-sdk#5970 , we need to allow at least one level of remotable inheritance. Currently supported in agoric-sdk as a patch. TODO after this is merged and agoric-sdk updated to depend on it, remove the patch.