@unrdf/hooks 5.0.1

package/src/security/sandbox/isolated-vm-executor.mjs

@@ -0,0 +1,373 @@
+/**
+ * @file Isolated VM Executor
+ * @module security/sandbox/isolated-vm-executor
+ *
+ * @description
+ * Primary sandbox executor using isolated-vm for maximum security.
+ * Provides V8 isolate-based execution with:
+ * - Full memory isolation
+ * - CPU timeout controls
+ * - WASM support
+ * - Async/await support
+ * - Merkle verification of code integrity
+ * - OpenTelemetry instrumentation
+ */
+
+import ivm from 'isolated-vm';
+import { trace, _context } from '@opentelemetry/api';
+import { sha256 } from '@noble/hashes/sha256';
+import { bytesToHex } from '@noble/hashes/utils';
+
+const tracer = trace.getTracer('isolated-vm-executor');
+
+/**
+ * Convert bytes to hex string
+ * @param {Uint8Array} bytes
+ * @returns {string}
+ */
+function toHex(bytes) {
+  return bytesToHex(bytes);
+}
+
+/**
+ * Compute SHA-256 hash of code
+ * @param {string} code
+ * @returns {string} Hex-encoded hash
+ */
+function hashCode(code) {
+  const bytes = new TextEncoder().encode(code);
+  return toHex(sha256(bytes));
+}
+
+/**
+ * Threat detection patterns
+ */
+const THREAT_PATTERNS = [
+  // VM escape attempts
+  /constructor\s*\.\s*constructor/i,
+  /Function\s*\(\s*['"`]/i,
+  /eval\s*\(/i,
+  /\[\s*['"`]constructor['"`]\s*\]/i,
+
+  // Process/require access
+  /process\s*\.\s*binding/i,
+  /require\s*\(/i,
+  /import\s*\(/i,
+  /module\s*\.\s*exports/i,
+
+  // Prototype pollution
+  /__proto__/i,
+  /prototype\s*\[\s*['"`]/i,
+
+  // File system access
+  /fs\s*\.\s*(read|write)/i,
+  /child_process/i,
+
+  // Network access
+  /fetch\s*\(/i,
+  /XMLHttpRequest/i,
+  /WebSocket/i,
+];
+
+/**
+ * Detect potential threats in code
+ * @param {string} code
+ * @returns {Array<Object>} Detected threats
+ */
+function detectThreats(code) {
+  const threats = [];
+
+  for (let i = 0; i < THREAT_PATTERNS.length; i++) {
+    const pattern = THREAT_PATTERNS[i];
+    if (pattern.test(code)) {
+      threats.push({
+        patternIndex: i,
+        pattern: pattern.toString(),
+        severity: i < 4 ? 'critical' : i < 10 ? 'high' : 'medium',
+      });
+    }
+  }
+
+  return threats;
+}
+
+/**
+ * Isolated VM Executor
+ */
+export class IsolatedVmExecutor {
+  /**
+   * @param {Object} [config] - Executor configuration
+   * @param {number} [config.memoryLimit=128] - Memory limit in MB
+   * @param {number} [config.timeout=5000] - Execution timeout in ms
+   * @param {boolean} [config.enableWasm=true] - Enable WASM support
+   * @param {boolean} [config.enableAsync=true] - Enable async/await
+   * @param {boolean} [config.enableThreatDetection=true] - Enable threat detection
+   * @param {boolean} [config.strictMode=true] - Enable strict mode
+   */
+  constructor(config = {}) {
+    this.config = {
+      memoryLimit: config.memoryLimit || 128,
+      timeout: config.timeout || 5000,
+      enableWasm: config.enableWasm !== false,
+      enableAsync: config.enableAsync !== false,
+      enableThreatDetection: config.enableThreatDetection !== false,
+      strictMode: config.strictMode !== false,
+      ...config,
+    };
+
+    /** @type {Map<string, ivm.Isolate>} */
+    this.isolates = new Map();
+
+    /** @type {Map<string, ivm.Context>} */
+    this.contexts = new Map();
+
+    /** @type {Map<string, string>} - Code hashes for Merkle verification */
+    this.codeHashes = new Map();
+
+    this.executionCount = 0;
+    this.totalDuration = 0;
+  }
+
+  /**
+   * Execute code in isolated VM
+   * @param {string|Function} code - Code to execute
+   * @param {Object} [context] - Execution context
+   * @param {Object} [options] - Execution options
+   * @returns {Promise<Object>} Execution result
+   */
+  async run(code, context = {}, options = {}) {
+    return tracer.startActiveSpan('security.isolate.execute', async span => {
+      const startTime = Date.now();
+      const executionId = `exec_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+
+      try {
+        span.setAttributes({
+          'security.executor.type': 'isolated-vm',
+          'security.execution.id': executionId,
+          'security.memoryLimit': this.config.memoryLimit,
+          'security.timeout': options.timeout || this.config.timeout,
+        });
+
+        // Convert function to string if needed
+        const codeString = typeof code === 'function' ? code.toString() : code;
+
+        // Threat detection
+        if (this.config.enableThreatDetection) {
+          const threats = detectThreats(codeString);
+          if (threats.length > 0) {
+            const criticalThreats = threats.filter(t => t.severity === 'critical');
+            if (criticalThreats.length > 0) {
+              span.setAttribute('security.threats.detected', threats.length);
+              span.setAttribute('security.threats.critical', criticalThreats.length);
+              span.setStatus({
+                code: 2,
+                message: 'Critical security threat detected',
+              });
+
+              throw new Error(
+                `Security threat detected: ${criticalThreats[0].pattern}. ` + `Execution blocked.`
+              );
+            }
+          }
+          span.setAttribute('security.threats.count', threats.length);
+        }
+
+        // Compute code hash for Merkle verification
+        const codeHash = hashCode(codeString);
+        this.codeHashes.set(executionId, codeHash);
+        span.setAttribute('security.code.hash', codeHash);
+
+        // Create isolate
+        const isolate = new ivm.Isolate({
+          memoryLimit: this.config.memoryLimit,
+          inspector: false, // Disable debugging for security
+          onCatastrophicError: msg => {
+            span.recordException(new Error(`Catastrophic error: ${msg}`));
+            this.destroyIsolate(executionId);
+          },
+        });
+
+        this.isolates.set(executionId, isolate);
+
+        // Create context
+        const ivmContext = await isolate.createContext();
+        this.contexts.set(executionId, ivmContext);
+
+        // Setup safe global environment
+        const jail = ivmContext.global;
+        await jail.set('global', jail.derefInto());
+
+        // Add safe console
+        const safeConsole = new ivm.Reference({
+          log: (...args) => console.log('[Sandbox]', ...args),
+          error: (...args) => console.error('[Sandbox]', ...args),
+          warn: (...args) => console.warn('[Sandbox]', ...args),
+          info: (...args) => console.info('[Sandbox]', ...args),
+        });
+        await jail.set('console', safeConsole);
+
+        // Add JSON support
+        const jsonRef = new ivm.Reference({
+          parse: str => JSON.parse(str),
+          stringify: obj => JSON.stringify(obj),
+        });
+        await jail.set('JSON', jsonRef);
+
+        // Add Math support
+        const mathRef = new ivm.Reference(Math);
+        await jail.set('Math', mathRef);
+
+        // Add Date support (limited)
+        const dateRef = new ivm.Reference({
+          now: () => Date.now(),
+        });
+        await jail.set('Date', dateRef);
+
+        // Inject context data
+        if (context && Object.keys(context).length > 0) {
+          for (const [key, value] of Object.entries(context)) {
+            const valueRef = new ivm.Reference(value);
+            await jail.set(key, valueRef);
+          }
+        }
+
+        // Wrap code in strict mode if enabled
+        const wrappedCode = this.config.strictMode ? `"use strict";\n${codeString}` : codeString;
+
+        // Compile and execute
+        const script = await isolate.compileScript(wrappedCode);
+        const timeout = options.timeout || this.config.timeout;
+
+        const result = await script.run(ivmContext, {
+          timeout,
+          reference: true,
+          promise: this.config.enableAsync,
+        });
+
+        // Copy result back to main isolate
+        const output = result ? await result.copy() : undefined;
+
+        // Cleanup
+        await this.destroyIsolate(executionId);
+
+        const duration = Date.now() - startTime;
+        this.executionCount++;
+        this.totalDuration += duration;
+
+        span.setAttributes({
+          'security.execution.duration': duration,
+          'security.execution.success': true,
+        });
+        span.setStatus({ code: 1 }); // OK
+
+        return {
+          success: true,
+          result: output,
+          duration,
+          executionId,
+          codeHash,
+          memoryUsed: await this.getMemoryUsage(executionId).catch(() => ({
+            used: 0,
+          })),
+        };
+      } catch (error) {
+        const duration = Date.now() - startTime;
+
+        span.recordException(error);
+        span.setAttributes({
+          'security.execution.duration': duration,
+          'security.execution.success': false,
+          'security.error.message': error.message,
+        });
+        span.setStatus({ code: 2, message: error.message });
+
+        // Cleanup on error
+        await this.destroyIsolate(executionId).catch(() => {});
+
+        // Categorize error
+        let errorType = 'unknown';
+        if (error.message?.includes('timed out')) {
+          errorType = 'timeout';
+        } else if (error.message?.includes('memory')) {
+          errorType = 'memory_limit';
+        } else if (error.message?.includes('Security threat')) {
+          errorType = 'security_threat';
+        }
+
+        span.setAttribute('security.error.type', errorType);
+
+        return {
+          success: false,
+          error: error.message,
+          errorType,
+          duration,
+          executionId,
+          codeHash: this.codeHashes.get(executionId),
+        };
+      } finally {
+        span.end();
+      }
+    });
+  }
+
+  /**
+   * Get memory usage for execution
+   * @param {string} executionId
+   * @returns {Promise<Object>}
+   */
+  async getMemoryUsage(executionId) {
+    const isolate = this.isolates.get(executionId);
+    if (!isolate) {
+      return { used: 0, total: 0, limit: 0, percentage: 0 };
+    }
+
+    const heapStats = await isolate.getHeapStatistics();
+    return {
+      used: heapStats.used_heap_size,
+      total: heapStats.total_heap_size,
+      limit: heapStats.heap_size_limit,
+      percentage: (heapStats.used_heap_size / heapStats.heap_size_limit) * 100,
+    };
+  }
+
+  /**
+   * Destroy isolate and free resources
+   * @param {string} executionId
+   */
+  async destroyIsolate(executionId) {
+    const isolate = this.isolates.get(executionId);
+    if (isolate) {
+      try {
+        isolate.dispose();
+      } catch (err) {
+        // Ignore disposal errors
+      }
+      this.isolates.delete(executionId);
+      this.contexts.delete(executionId);
+      this.codeHashes.delete(executionId);
+    }
+  }
+
+  /**
+   * Get executor statistics
+   * @returns {Object}
+   */
+  getStats() {
+    return {
+      type: 'isolated-vm',
+      config: this.config,
+      executionCount: this.executionCount,
+      averageDuration: this.executionCount > 0 ? this.totalDuration / this.executionCount : 0,
+      activeIsolates: this.isolates.size,
+    };
+  }
+
+  /**
+   * Cleanup all isolates
+   */
+  async cleanup() {
+    for (const executionId of this.isolates.keys()) {
+      await this.destroyIsolate(executionId);
+    }
+  }
+}

package/src/security/sandbox/vm2-executor.mjs

@@ -0,0 +1,217 @@
+/**
+ * @file VM2 Executor (Legacy - Deprecated)
+ * @module security/sandbox/vm2-executor
+ *
+ * @description
+ * Legacy sandbox executor using vm2 (DEPRECATED).
+ *
+ * ⚠️ SECURITY WARNING ⚠️
+ * This executor is DEPRECATED and has known security vulnerabilities.
+ * It should only be used for backward compatibility with existing code.
+ * Migrate to isolated-vm or worker executors as soon as possible.
+ *
+ * Known issues:
+ * - VM escape vulnerabilities
+ * - Prototype pollution risks
+ * - No memory isolation
+ * - No CPU isolation
+ *
+ * @deprecated Use IsolatedVmExecutor or WorkerExecutor instead
+ */
+
+import { trace } from '@opentelemetry/api';
+
+const tracer = trace.getTracer('vm2-executor');
+
+// Show deprecation warning on first import
+console.warn(
+  '\n' +
+    '⚠️  ========================================= ⚠️\n' +
+    '⚠️  VM2 EXECUTOR DEPRECATION WARNING          ⚠️\n' +
+    '⚠️  ========================================= ⚠️\n' +
+    '\n' +
+    'The vm2 package is deprecated and contains critical security vulnerabilities.\n' +
+    'This executor should NOT be used in production environments.\n' +
+    '\n' +
+    'Migrate to:\n' +
+    '  - IsolatedVmExecutor (recommended): Full V8 isolation\n' +
+    '  - WorkerExecutor: Process-level isolation\n' +
+    '\n' +
+    'For more information:\n' +
+    '  https://github.com/patriksimek/vm2/issues/533\n' +
+    '\n' +
+    'To suppress this warning, set UNRDF_SUPPRESS_VM2_WARNING=1\n' +
+    '⚠️  ========================================= ⚠️\n'
+);
+
+/**
+ * VM2 Executor (Deprecated)
+ * @deprecated
+ */
+export class Vm2Executor {
+  /**
+   * @param {Object} [config] - Executor configuration
+   * @param {number} [config.timeout=5000] - Execution timeout in ms
+   * @param {Array<string>} [config.allowedModules] - Allowed modules
+   * @param {boolean} [config.strictMode=true] - Enable strict mode
+   */
+  constructor(config = {}) {
+    this.config = {
+      timeout: config.timeout || 5000,
+      allowedModules: config.allowedModules || [],
+      strictMode: config.strictMode !== false,
+      ...config,
+    };
+
+    this.executionCount = 0;
+    this.totalDuration = 0;
+
+    // Show warning on each instantiation unless suppressed
+    if (!process.env.UNRDF_SUPPRESS_VM2_WARNING) {
+      console.warn(
+        '[DEPRECATION] Creating vm2 executor instance - consider migrating to isolated-vm'
+      );
+    }
+  }
+
+  /**
+   * Execute code in vm2
+   * @param {string|Function} code - Code to execute
+   * @param {Object} [context] - Execution context
+   * @param {Object} [options] - Execution options
+   * @returns {Promise<Object>} Execution result
+   */
+  async run(code, context = {}, options = {}) {
+    return tracer.startActiveSpan('security.vm2.execute', async span => {
+      const startTime = Date.now();
+
+      try {
+        span.setAttributes({
+          'security.executor.type': 'vm2',
+          'security.executor.deprecated': true,
+          'security.executor.security_level': 'low',
+          'security.timeout': options.timeout || this.config.timeout,
+        });
+
+        // Dynamic import of vm2
+        let VM;
+        try {
+          const vm2Module = await import('vm2');
+          VM = vm2Module.VM;
+        } catch (err) {
+          throw new Error('vm2 not available - install with: pnpm add vm2');
+        }
+
+        // Convert function to string if needed
+        const codeString = typeof code === 'function' ? code.toString() : code;
+
+        // Create VM instance
+        const vm = new VM({
+          timeout: options.timeout || this.config.timeout,
+          sandbox: {
+            ...this._createSandboxGlobals(context),
+            console: this._createSafeConsole(),
+          },
+          eval: false,
+          wasm: false,
+        });
+
+        // Wrap code in strict mode if enabled
+        const wrappedCode = this.config.strictMode
+          ? `"use strict";\n(function() { ${codeString} })()`
+          : `(function() { ${codeString} })()`;
+
+        // Execute
+        const result = vm.run(wrappedCode);
+
+        const duration = Date.now() - startTime;
+        this.executionCount++;
+        this.totalDuration += duration;
+
+        span.setAttributes({
+          'security.execution.duration': duration,
+          'security.execution.success': true,
+        });
+        span.setStatus({ code: 1 }); // OK
+
+        return {
+          success: true,
+          result,
+          duration,
+          executorType: 'vm2',
+          deprecated: true,
+        };
+      } catch (error) {
+        const duration = Date.now() - startTime;
+
+        span.recordException(error);
+        span.setAttributes({
+          'security.execution.duration': duration,
+          'security.execution.success': false,
+          'security.error.message': error.message,
+        });
+        span.setStatus({ code: 2, message: error.message });
+
+        return {
+          success: false,
+          error: error.message,
+          duration,
+          executorType: 'vm2',
+          deprecated: true,
+        };
+      } finally {
+        span.end();
+      }
+    });
+  }
+
+  /**
+   * Create sandbox globals
+   * @param {Object} context
+   * @returns {Object}
+   * @private
+   */
+  _createSandboxGlobals(context) {
+    return {
+      Date: { now: () => Date.now() },
+      Math,
+      JSON,
+      ...context,
+    };
+  }
+
+  /**
+   * Create safe console
+   * @returns {Object}
+   * @private
+   */
+  _createSafeConsole() {
+    return {
+      log: (...args) => console.log('[VM2]', ...args),
+      error: (...args) => console.error('[VM2]', ...args),
+      warn: (...args) => console.warn('[VM2]', ...args),
+      info: (...args) => console.info('[VM2]', ...args),
+    };
+  }
+
+  /**
+   * Get executor statistics
+   * @returns {Object}
+   */
+  getStats() {
+    return {
+      type: 'vm2',
+      deprecated: true,
+      config: this.config,
+      executionCount: this.executionCount,
+      averageDuration: this.executionCount > 0 ? this.totalDuration / this.executionCount : 0,
+    };
+  }
+
+  /**
+   * Cleanup (no-op for vm2)
+   */
+  async cleanup() {
+    // vm2 doesn't require cleanup
+  }
+}

package/src/security/sandbox/worker-executor-runtime.mjs

@@ -0,0 +1,74 @@
+/**
+ * @file Worker Thread Runtime
+ * @description Runtime environment for worker thread execution
+ */
+
+import { parentPort, workerData } from 'worker_threads';
+
+try {
+  const { code, context, config } = workerData;
+
+  // Create safe global environment
+  const sandbox = {
+    // Allowed globals
+    console: {
+      log: (...args) => console.log('[Worker]', ...args),
+      error: (...args) => console.error('[Worker]', ...args),
+      warn: (...args) => console.warn('[Worker]', ...args),
+      info: (...args) => console.info('[Worker]', ...args),
+    },
+    Date: {
+      now: () => Date.now(),
+    },
+    Math,
+    JSON,
+    // Context data
+    ...context,
+  };
+
+  // Add allowed globals from config
+  if (config.allowedGlobals) {
+    for (const globalName of config.allowedGlobals) {
+      if (globalName in globalThis && !(globalName in sandbox)) {
+        sandbox[globalName] = globalThis[globalName];
+      }
+    }
+  }
+
+  // Execute code
+  // If code doesn't contain return, wrap it in return for expression evaluation
+  const wrappedCode =
+    code.trim().includes('return') || code.trim().includes(';') || code.trim().includes('{')
+      ? code
+      : `return (${code})`;
+
+  const func = new Function(
+    ...Object.keys(sandbox),
+    `
+    ${config.strictMode ? '"use strict";' : ''}
+    ${wrappedCode}
+  `
+  );
+
+  const result = func(...Object.values(sandbox));
+
+  // Get memory usage
+  const memoryUsage = process.memoryUsage();
+
+  // Send result back
+  parentPort.postMessage({
+    success: true,
+    result,
+    memoryUsed: {
+      used: memoryUsage.heapUsed,
+      total: memoryUsage.heapTotal,
+      rss: memoryUsage.rss,
+    },
+  });
+} catch (error) {
+  parentPort.postMessage({
+    success: false,
+    error: error.message,
+    stack: error.stack,
+  });
+}