mini_racer 0.17.0.pre8 → 0.17.0.pre10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6a4649daa0104376800784775a305593ff637dbde023f27ed6d9126b77c54548
-  data.tar.gz: e46ffb00764e6113cef170508d8ed1ac4b68cab29ace1051fc7c5df4c7d97f07
+  metadata.gz: f09948c878aaefbc5e47285a3ee17db34e00de5d72e441cbb4ef45dd15e45f06
+  data.tar.gz: 95aa4a36b7612535524ff9ef6ca3116bde6dad9aa474c1c4b1af9427c0204969
 SHA512:
-  metadata.gz: 38202ee576c23d016afd7b69ba9bada8ca47a82c3a460c028a42e25c23438f965e4ac2e8d6c4a24bea7211bed6436a9f2cc55bc4c9c0c42fd6b8e5054602c8f5
-  data.tar.gz: e8da8f6787111b63e698db0964a9ad35ffe62c1acca83db7efa08cdb7db94d8d68ed39b989f81fd77b310fff510790d16454761f083bc5bd1154105f93c20f6f
+  metadata.gz: 76a9a93bcb3bdfc0f7073e6a5501d8c96bd993bb85fe321ac54114154f015c0b0f1e2ba21067f79787831cff604f34e82079913b593dab559f4cb74e54781f17
+  data.tar.gz: ea1da1f7e66915a147fe614cff9a6de80e2d5a2953eabb0de422c0ad2839db940cc9dbf2c5c642604b03fbd5ab71a6c0fd26e15abb38d4f4652273243a41221f

data/CHANGELOG

@@ -1,3 +1,9 @@
+- 0.17.0.pr10 - 20-01-2025
+  - Added back support for partially deserialized objects (objects that do not translate across boundaries are returned as Error properties) - Ben Noordhuis
+
+- 0.17.0.pre9 - 13-01-2025
+  - For backwards compatibility convert v8 return values to UTF-8 (invalidly encoded string still get returned using V8 encoding)
+
 - 0.17.0.pre8 - 11-01-2025
   - Fix handling of UTF 32 LE and Ascii encoding strings - Ben Noordhuis
   - Handle rare edge case in V8 serialization - Ben Noordhuis

data/ext/mini_racer_extension/mini_racer_extension.c

@@ -164,12 +164,6 @@ static VALUE js_function_class;
 static pthread_mutex_t flags_mtx = PTHREAD_MUTEX_INITIALIZER;
 static Buf flags; // protected by |flags_mtx|
 
-struct rendezvous_nogvl
-{
-    Context *context;
-    Buf *req, *res;
-};
-
 // arg == &(struct rendezvous_nogvl){...}
 static void *rendezvous_callback(void *arg);
 
@@ -177,23 +171,38 @@ static void *rendezvous_callback(void *arg);
 typedef struct State
 {
     VALUE   a, b;
+    uint8_t verbatim_keys:1;
 } State;
 
 // note: must be stack-allocated or VALUEs won't be visible to ruby's GC
 typedef struct DesCtx
 {
     State   *tos;
-    VALUE   refs; // array
+    VALUE   refs; // object refs array
+    uint8_t transcode_latin1:1;
     char    err[64];
     State   stack[512];
 } DesCtx;
 
+struct rendezvous_nogvl
+{
+    Context *context;
+    Buf *req, *res;
+};
+
+struct rendezvous_des
+{
+    DesCtx *d;
+    Buf *res;
+};
+
 static void DesCtx_init(DesCtx *c)
 {
     c->tos  = c->stack;
     c->refs = rb_ary_new();
-    *c->tos = (State){Qundef, Qundef};
+    *c->tos = (State){Qundef, Qundef, /*verbatim_keys*/0};
     *c->err = '\0';
+    c->transcode_latin1 = 1; // convert to utf8
 }
 
 static void put(DesCtx *c, VALUE v)
@@ -212,7 +221,8 @@ static void put(DesCtx *c, VALUE v)
         if (*b == Qundef) {
             *b = v;
         } else {
-            *b = rb_funcall(*b, rb_intern("to_s"), 0);
+            if (!c->tos->verbatim_keys)
+                *b = rb_funcall(*b, rb_intern("to_s"), 0);
             rb_hash_aset(*a, *b, v);
             *b = Qundef;
         }
@@ -234,7 +244,7 @@ static void push(DesCtx *c, VALUE v)
         snprintf(c->err, sizeof(c->err), "stack overflow");
         return;
     }
-    *++c->tos = (State){v, Qundef};
+    *++c->tos = (State){v, Qundef, /*verbatim_keys*/0};
     rb_ary_push(c->refs, v);
 }
 
@@ -321,9 +331,22 @@ static void des_string(void *arg, const char *s, size_t n)
     put(arg, rb_utf8_str_new(s, n));
 }
 
+static VALUE str_encode_bang(VALUE v)
+{
+    // TODO cache these? this function can get called often
+    return rb_funcall(v, rb_intern("encode!"), 1, rb_str_new_cstr("UTF-8"));
+}
+
 static void des_string8(void *arg, const uint8_t *s, size_t n)
 {
-    put(arg, rb_enc_str_new((char *)s, n, rb_ascii8bit_encoding()));
+    DesCtx *c;
+    VALUE v;
+
+    c = arg;
+    v = rb_enc_str_new((char *)s, n, rb_ascii8bit_encoding());
+    if (c->transcode_latin1)
+        v = str_encode_bang(v); // cannot fail
+    put(c, v);
 }
 
 // des_string16: |s| is not word aligned
@@ -331,7 +354,9 @@ static void des_string8(void *arg, const uint8_t *s, size_t n)
 static void des_string16(void *arg, const void *s, size_t n)
 {
     rb_encoding *e;
+    VALUE v, r;
     DesCtx *c;
+    int exc;
 
     c = arg;
     if (*c->err)
@@ -344,7 +369,15 @@ static void des_string16(void *arg, const void *s, size_t n)
         snprintf(c->err, sizeof(c->err), "no UTF16-LE encoding");
         return;
     }
-    put(c, rb_enc_str_new((char *)s, n, e));
+    v = rb_enc_str_new((char *)s, n, e);
+    // JS strings can contain unmatched or illegal surrogate pairs
+    // that Ruby won't decode; return the string as-is in that case
+    r = rb_protect(str_encode_bang, v, &exc);
+    if (exc) {
+        rb_set_errinfo(Qnil);
+        r = v;
+    }
+    put(c, r);
 }
 
 // ruby doesn't really have a concept of a byte array so store it as
@@ -395,6 +428,20 @@ static void des_object_end(void *arg)
     pop(arg);
 }
 
+static void des_map_begin(void *arg)
+{
+    DesCtx *c;
+
+    c = arg;
+    push(c, rb_hash_new());
+    c->tos->verbatim_keys = 1; // don't stringify or intern keys
+}
+
+static void des_map_end(void *arg)
+{
+    pop(arg);
+}
+
 static void des_object_ref(void *arg, uint32_t id)
 {
     DesCtx *c;
@@ -740,25 +787,25 @@ static void *v8_thread_start(void *arg)
     return NULL;
 }
 
-static VALUE deserialize1(const uint8_t *p, size_t n)
+static VALUE deserialize1(DesCtx *d, const uint8_t *p, size_t n)
 {
     char err[64];
-    DesCtx d;
 
-    DesCtx_init(&d);
-    if (des(&err, p, n, &d))
+    if (des(&err, p, n, d))
         rb_raise(runtime_error, "%s", err);
-    if (d.tos != d.stack) // should not happen
+    if (d->tos != d->stack) // should not happen
         rb_raise(runtime_error, "parse stack not empty");
-    return d.tos->a;
+    return d->tos->a;
 }
 
 static VALUE deserialize(VALUE arg)
 {
+    struct rendezvous_des *a;
     Buf *b;
 
-    b = (void *)arg;
-    return deserialize1(b->buf, b->len);
+    a = (void *)arg;
+    b = a->res;
+    return deserialize1(a->d, b->buf, b->len);
 }
 
 // called with |rr_mtx| and GVL held; can raise exception
@@ -767,6 +814,7 @@ static VALUE rendezvous_callback_do(VALUE arg)
     struct rendezvous_nogvl *a;
     VALUE func, args;
     Context *c;
+    DesCtx d;
     Buf *b;
 
     a = (void *)arg;
@@ -774,7 +822,8 @@ static VALUE rendezvous_callback_do(VALUE arg)
     c = a->context;
     assert(b->len > 0);
     assert(*b->buf == 'c');
-    args = deserialize1(b->buf+1, b->len-1); // skip 'c' marker
+    DesCtx_init(&d);
+    args = deserialize1(&d, b->buf+1, b->len-1); // skip 'c' marker
     func = rb_ary_pop(args); // callback id
     func = rb_ary_entry(c->procs, FIX2LONG(func));
     return rb_funcall2(func, rb_intern("call"), RARRAY_LENINT(args), RARRAY_PTR(args));
@@ -866,14 +915,14 @@ static void rendezvous_no_des(Context *c, Buf *req, Buf *res)
 
 // send request to & receive reply from v8 thread; takes ownership of |req|
 // can raise exceptions and longjmp away but won't leak |req|
-static VALUE rendezvous(Context *c, Buf *req)
+static VALUE rendezvous1(Context *c, Buf *req, DesCtx *d)
 {
     VALUE r;
     Buf res;
     int exc;
 
     rendezvous_no_des(c, req, &res); // takes ownership of |req|
-    r = rb_protect(deserialize, (VALUE)&res, &exc);
+    r = rb_protect(deserialize, (VALUE)&(struct rendezvous_des){d, &res}, &exc);
     buf_reset(&res);
     if (exc) {
         r = rb_errinfo();
@@ -888,6 +937,14 @@ static VALUE rendezvous(Context *c, Buf *req)
     return r;
 }
 
+static VALUE rendezvous(Context *c, Buf *req)
+{
+    DesCtx d;
+
+    DesCtx_init(&d);
+    return rendezvous1(c, req, &d);
+}
+
 static void handle_exception(VALUE e)
 {
     const char *s;
@@ -1469,6 +1526,7 @@ static VALUE snapshot_initialize(int argc, VALUE *argv, VALUE self)
     VALUE a, e, code, cv;
     Snapshot *ss;
     Context *c;
+    DesCtx d;
     Ser s;
 
     TypedData_Get_Struct(self, Snapshot, &snapshot_type, ss);
@@ -1483,7 +1541,9 @@ static VALUE snapshot_initialize(int argc, VALUE *argv, VALUE self)
     ser_init1(&s, 'T');
     add_string(&s, code);
     // response is [arraybuffer, error]
-    a = rendezvous(c, &s.b);
+    DesCtx_init(&d);
+    d.transcode_latin1 = 0; // don't mangle snapshot binary data
+    a = rendezvous1(c, &s.b, &d);
     e = rb_ary_pop(a);
     context_dispose(cv);
     if (*RSTRING_PTR(e))
@@ -1497,6 +1557,7 @@ static VALUE snapshot_warmup(VALUE self, VALUE arg)
     VALUE a, e, cv;
     Snapshot *ss;
     Context *c;
+    DesCtx d;
     Ser s;
 
     TypedData_Get_Struct(self, Snapshot, &snapshot_type, ss);
@@ -1511,7 +1572,9 @@ static VALUE snapshot_warmup(VALUE self, VALUE arg)
     add_string(&s, arg);
     ser_array_end(&s, 2);
     // response is [arraybuffer, error]
-    a = rendezvous(c, &s.b);
+    DesCtx_init(&d);
+    d.transcode_latin1 = 0; // don't mangle snapshot binary data
+    a = rendezvous1(c, &s.b, &d);
     e = rb_ary_pop(a);
     context_dispose(cv);
     if (*RSTRING_PTR(e))

data/ext/mini_racer_extension/mini_racer_v8.cc

@@ -11,6 +11,56 @@
 #include <cstring>
 #include <vector>
 
+// note: the filter function gets called inside the safe context,
+// i.e., the context that has not been tampered with by user JS
+// convention: $-prefixed identifiers signify objects from the
+// user JS context and should be handled with special care
+static const char safe_context_script_source[] = R"js(
+;(function($globalThis) {
+    const {Map: $Map, Set: $Set} = $globalThis
+    const sentinel = {}
+    return function filter(v) {
+        if (typeof v === "function")
+            return sentinel
+        if (typeof v !== "object" || v === null)
+            return v
+        if (v instanceof $Map) {
+            const m = new Map()
+            for (let [k, t] of Map.prototype.entries.call(v)) {
+                t = filter(t)
+                if (t !== sentinel)
+                    m.set(k, t)
+            }
+            return m
+        } else if (v instanceof $Set) {
+            const s = new Set()
+            for (let t of Set.prototype.values.call(v)) {
+                t = filter(t)
+                if (t !== sentinel)
+                    s.add(t)
+            }
+            return s
+        } else {
+            const o = Array.isArray(v) ? [] : {}
+            const pds = Object.getOwnPropertyDescriptors(v)
+            for (const [k, d] of Object.entries(pds)) {
+                if (!d.enumerable)
+                    continue
+                let t = d.value
+                if (d.get) {
+                    // *not* d.get.call(...), may have been tampered with
+                    t = Function.prototype.call.call(d.get, v, k)
+                }
+                t = filter(t)
+                if (t !== sentinel)
+                    Object.defineProperty(o, k, {value: t, enumerable: true})
+            }
+            return o
+        }
+    }
+})
+)js";
+
 struct Callback
 {
     struct State *st;
@@ -32,8 +82,10 @@ struct State
     // extra context for when we need access to built-ins like Array
     // and want to be sure they haven't been tampered with by JS code
     v8::Local<v8::Context> safe_context;
-    v8::Persistent<v8::Context> persistent_context;      // single-thread mode only
-    v8::Persistent<v8::Context> persistent_safe_context; // single-thread mode only
+    v8::Local<v8::Function> safe_context_function;
+    v8::Persistent<v8::Context> persistent_context;         // single-thread mode only
+    v8::Persistent<v8::Context> persistent_safe_context;    // single-thread mode only
+    v8::Persistent<v8::Function> persistent_safe_context_function;  // single-thread mode only
     Context *ruby_context;
     int64_t max_memory;
     int err_reason;
@@ -73,6 +125,23 @@ struct Serialized
 // throws JS exception on serialization error
 bool reply(State& st, v8::Local<v8::Value> v)
 {
+    v8::TryCatch try_catch(st.isolate);
+    {
+        Serialized serialized(st, v);
+        if (serialized.data) {
+            v8_reply(st.ruby_context, serialized.data, serialized.size);
+            return true;
+        }
+    }
+    if (!try_catch.CanContinue()) {
+        try_catch.ReThrow();
+        return false;
+    }
+    auto recv = v8::Undefined(st.isolate);
+    if (!st.safe_context_function->Call(st.safe_context, recv, 1, &v).ToLocal(&v)) {
+        try_catch.ReThrow();
+        return false;
+    }
     Serialized serialized(st, v);
     if (serialized.data)
         v8_reply(st.ruby_context, serialized.data, serialized.size);
@@ -240,7 +309,29 @@ extern "C" State *v8_thread_init(Context *c, const uint8_t *snapshot_buf,
         st.safe_context = v8::Context::New(st.isolate);
         st.context = v8::Context::New(st.isolate);
         v8::Context::Scope context_scope(st.context);
+        {
+            v8::Context::Scope context_scope(st.safe_context);
+            auto source = v8::String::NewFromUtf8Literal(st.isolate, safe_context_script_source);
+            auto filename = v8::String::NewFromUtf8Literal(st.isolate, "safe_context_script.js");
+            v8::ScriptOrigin origin(filename);
+            auto script =
+                v8::Script::Compile(st.safe_context, source, &origin)
+                .ToLocalChecked();
+            auto function_v = script->Run(st.safe_context).ToLocalChecked();
+            auto function = v8::Function::Cast(*function_v);
+            auto recv = v8::Undefined(st.isolate);
+            v8::Local<v8::Value> arg = st.context->Global();
+            // grant the safe context access to the user context's globalThis
+            st.safe_context->SetSecurityToken(st.context->GetSecurityToken());
+            function_v =
+                function->Call(st.safe_context, recv, 1, &arg)
+                .ToLocalChecked();
+            // revoke access again now that the script did its one-time setup
+            st.safe_context->UseDefaultSecurityToken();
+            st.safe_context_function = v8::Local<v8::Function>::Cast(function_v);
+        }
         if (single_threaded) {
+            st.persistent_safe_context_function.Reset(st.isolate, st.safe_context_function);
             st.persistent_safe_context.Reset(st.isolate, st.safe_context);
             st.persistent_context.Reset(st.isolate, st.context);
             return pst; // intentionally returning early and keeping alive
@@ -792,12 +883,14 @@ extern "C" void v8_single_threaded_enter(State *pst, Context *c, void (*f)(Conte
     v8::Isolate::Scope isolate_scope(st.isolate);
     v8::HandleScope handle_scope(st.isolate);
     {
+        st.safe_context_function = v8::Local<v8::Function>::New(st.isolate, st.persistent_safe_context_function);
         st.safe_context = v8::Local<v8::Context>::New(st.isolate, st.persistent_safe_context);
         st.context = v8::Local<v8::Context>::New(st.isolate, st.persistent_context);
         v8::Context::Scope context_scope(st.context);
         f(c);
         st.context = v8::Local<v8::Context>();
         st.safe_context = v8::Local<v8::Context>();
+        st.safe_context_function = v8::Local<v8::Function>();
     }
 }
 

data/ext/mini_racer_extension/serde.c

@@ -31,6 +31,8 @@ static void des_named_props_begin(void *arg);
 static void des_named_props_end(void *arg);
 static void des_object_begin(void *arg);
 static void des_object_end(void *arg);
+static void des_map_begin(void *arg);
+static void des_map_end(void *arg);
 static void des_object_ref(void *arg, uint32_t id);
 // des_error_begin: followed by des_object_begin + des_object_end calls
 static void des_error_begin(void *arg);
@@ -642,7 +644,7 @@ again:
         des_object_end(arg);
         break;
     case ';': // Map
-        des_object_begin(arg);
+        des_map_begin(arg);
         for (u = 0; /*empty*/; u++) {
             if (*p >= pe)
                 goto too_short;
@@ -658,7 +660,7 @@ again:
             goto bad_varint;
         if (t != 2*u)
             return bail(err, "map element count mismatch");
-        des_object_end(arg);
+        des_map_end(arg);
         break;
     case '\'': // Set
         des_array_begin(arg);

data/lib/mini_racer/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
 module MiniRacer
-  VERSION = "0.17.0.pre8"
+  VERSION = "0.17.0.pre10"
   LIBV8_NODE_VERSION = "~> 22.7.0.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mini_racer
 version: !ruby/object:Gem::Version
-  version: 0.17.0.pre8
+  version: 0.17.0.pre10
 platform: ruby
 authors:
 - Sam Saffron
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-11 00:00:00.000000000 Z
+date: 2025-01-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -123,9 +123,9 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/discourse/mini_racer/issues
-  changelog_uri: https://github.com/discourse/mini_racer/blob/v0.17.0.pre8/CHANGELOG
-  documentation_uri: https://www.rubydoc.info/gems/mini_racer/0.17.0.pre8
-  source_code_uri: https://github.com/discourse/mini_racer/tree/v0.17.0.pre8
+  changelog_uri: https://github.com/discourse/mini_racer/blob/v0.17.0.pre10/CHANGELOG
+  documentation_uri: https://www.rubydoc.info/gems/mini_racer/0.17.0.pre10
+  source_code_uri: https://github.com/discourse/mini_racer/tree/v0.17.0.pre10
 post_install_message:
 rdoc_options: []
 require_paths: