From 8e6f9c22762e30cdb3958ec495dbdb37a46fb676 Mon Sep 17 00:00:00 2001
From: bmeck <bradley.meck@gmail.com>
Date: Mon, 6 Oct 2014 12:01:36 -0500
Subject: [PATCH] use "has" instead of home rolled hasOwnProperty wrapper

---
 lib/ipset/add.js      |  5 +++--
 lib/ipset/create.js   |  5 +++--
 lib/ipset/del.js      |  5 +++--
 lib/ipset/test.js     |  5 +++--
 lib/iptables/dump.js  |  5 +++--
 lib/iptables/utils.js | 16 ++++------------
 package.json          | 41 +++++++++++++++++++++--------------------
 7 files changed, 40 insertions(+), 42 deletions(-)

diff --git a/lib/ipset/add.js b/lib/ipset/add.js
index 93c6470..2631948 100644
--- a/lib/ipset/add.js
+++ b/lib/ipset/add.js
@@ -1,4 +1,5 @@
 var exec = require('../child_utils').exec;
+var hasOwnProperty = require('has');
 
 /**
  * Add a given entry to the set.
@@ -37,7 +38,7 @@ module.exports = function (options, cb) {
    */
   if (typeof options['add_options'] != 'undefined') {
     for (var i in options['add_options']) {
-      if (options['add_options'].hasOwnProperty(i)) {
+      if (hasOwnProperty(options['add_options'], i)) {
         args = args.concat(i, options['add_options'][i]);
       }
     }
@@ -58,4 +59,4 @@ module.exports = function (options, cb) {
       cb(null);
     }
   });
-};
\ No newline at end of file
+};
diff --git a/lib/ipset/create.js b/lib/ipset/create.js
index b7dc412..b2f484a 100644
--- a/lib/ipset/create.js
+++ b/lib/ipset/create.js
@@ -1,4 +1,5 @@
 var exec = require('../child_utils').exec;
+var hasOwnProperty = require('has');
 
 /**
  * Create a set identified with setsetname and specified type.
@@ -37,7 +38,7 @@ module.exports = function (options, cb) {
    */
   if (typeof options['create_options'] != 'undefined') {
     for (var i in options['create_options']) {
-      if (options['create_options'].hasOwnProperty(i)) {
+      if (hasOwnProperty(options['create_options'], i)) {
         args = args.concat(i, options['create_options'][i]);
       }
     }
@@ -58,4 +59,4 @@ module.exports = function (options, cb) {
       cb(null);
     }
   });
-};
\ No newline at end of file
+};
diff --git a/lib/ipset/del.js b/lib/ipset/del.js
index ade6fe7..b7daa88 100644
--- a/lib/ipset/del.js
+++ b/lib/ipset/del.js
@@ -1,4 +1,5 @@
 var exec = require('../child_utils').exec;
+var hasOwnProperty = require('has');
 
 /**
  * Delete an entry from a set.
@@ -37,7 +38,7 @@ module.exports = function (options, cb) {
    */
   if (typeof options['del_options'] != 'undefined') {
     for (var i in options['del_options']) {
-      if (options['del_options'].hasOwnProperty(i)) {
+      if (hasOwnProperty(options['del_options'], i)) {
         args = args.concat(i, options['del_options'][i]);
       }
     }
@@ -58,4 +59,4 @@ module.exports = function (options, cb) {
       cb(null);
     }
   });
-};
\ No newline at end of file
+};
diff --git a/lib/ipset/test.js b/lib/ipset/test.js
index 0661b99..286c26b 100644
--- a/lib/ipset/test.js
+++ b/lib/ipset/test.js
@@ -1,4 +1,5 @@
 var exec = require('../child_utils').exec;
+var hasOwnProperty = require('has');
 
 /**
  * Test wether an entry is in a set or not.
@@ -37,7 +38,7 @@ module.exports = function (options, cb) {
    */
   if (typeof options['test_options'] != 'undefined') {
     for (var i in options['test_options']) {
-      if (options['test_options'].hasOwnProperty(i)) {
+      if (hasOwnProperty(options['test_options'], i)) {
         args = args.concat(i, options['test_options'][i]);
       }
     }
@@ -58,4 +59,4 @@ module.exports = function (options, cb) {
       cb(null, 0);
     }
   });
-};
\ No newline at end of file
+};
diff --git a/lib/iptables/dump.js b/lib/iptables/dump.js
index 53e5740..21ba3e8 100644
--- a/lib/iptables/dump.js
+++ b/lib/iptables/dump.js
@@ -1,3 +1,4 @@
+var hasOwnProperty = require('has');
 var exec = require('../child_utils').exec;
 var shell_quote = require('shell-quote');
 
@@ -223,7 +224,7 @@ module.exports = function (/* options?, cb */) {
 
         args.forEach(function (arg) {
           if (option === '') {
-            arg = Object.prototype.hasOwnProperty.call(MAPPED_ARGS, arg)
+            arg = hasOwnProperty(MAPPED_ARGS, arg)
               ? MAPPED_ARGS[arg]
               : arg;
 
@@ -328,4 +329,4 @@ module.exports = function (/* options?, cb */) {
       cb(null, tables);
     }
   });
-};
\ No newline at end of file
+};
diff --git a/lib/iptables/utils.js b/lib/iptables/utils.js
index f2ff7dc..e1bef0d 100644
--- a/lib/iptables/utils.js
+++ b/lib/iptables/utils.js
@@ -1,3 +1,6 @@
+// protect against .hasOwnProperty attacks
+var hasOwnProperty = require('has');
+
 // Tables.
 exports.tables = {
   filter  : 'filter',     // The default table (if no -t option is passed). It contains the built-in chains INPUT (for packets destined to local sockets), FORWARD (for packets being routed through the box), and OUTPUT (for locally-generated packets).
@@ -38,17 +41,6 @@ function manage_arg(property, flag, args, is_boolean) {
   }
 }
 
-/**
- * TODO: Ask @bmeck the reasoning behind overriding the native method.
- *
- * @param  {Object}   object    Object to be tested for property inclusion.
- * @param  {String}   key       Property to be tested against the object.
- * @return {Boolean}
- */
-function hasOwnProperty(object, key) {
-  return Object.prototype.hasOwnProperty.call(object, key);
-}
-
 /**
  * Process common rule specs for `append`, `check`, `delete`, `insert` and `replace`.
  *
@@ -106,4 +98,4 @@ exports.processCommonRuleSpecs = function (options) {
   }
 
   return args;
-};
\ No newline at end of file
+};
diff --git a/package.json b/package.json
index a6c7d7a..fa9f060 100644
--- a/package.json
+++ b/package.json
@@ -1,9 +1,9 @@
 {
-  "name"           : "netfilter",
-  "version"        : "0.3.0",
-  "description"    : "Packet filtering framework. Wrapper to provide netfilter capabilities from Node.js",
-  "main"           : "index.js",
-  "keywords"       : [
+  "name": "netfilter",
+  "version": "0.3.0",
+  "description": "Packet filtering framework. Wrapper to provide netfilter capabilities from Node.js",
+  "main": "index.js",
+  "keywords": [
     "stateless",
     "stateful",
     "packet",
@@ -27,32 +27,33 @@
     "alias",
     "set"
   ],
-  "dependencies"   : {
-    "async"        : "~0.9.0",
+  "dependencies": {
+    "async": "~0.9.0",
+    "has": "0.0.1",
     "process-queue": "^1.0.1",
-    "shell-quote"  : "^1.4.2"
+    "shell-quote": "^1.4.2"
   },
   "devDependencies": {
-    "should": "~4.0.4",
-    "mocha" : "~1.20.1"
+    "mocha": "^1.21.4",
+    "should": "^4.0.4"
   },
-  "engines"        : {
+  "engines": {
     "node": ">=0.8.0"
   },
-  "homepage"       : "https://github.com/diosney/node-netfilter",
-  "bugs"           : {
+  "homepage": "https://github.com/diosney/node-netfilter",
+  "bugs": {
     "url": "https://github.com/diosney/node-netfilter/issues"
   },
-  "author"         : {
-    "name" : "Diosney Sarmiento",
+  "author": {
+    "name": "Diosney Sarmiento",
     "email": "diosney.s@gmail.com"
   },
-  "license"        : "MIT",
-  "repository"     : {
+  "license": "MIT",
+  "repository": {
     "type": "git",
-    "url" : "https://github.com/diosney/node-netfilter.git"
+    "url": "https://github.com/diosney/node-netfilter.git"
   },
-  "scripts"        : {
-    "test": "node test/*.js"
+  "scripts": {
+    "test": "mocha test/unit/*.js"
   }
 }