endojs · erights · Aug 13, 2024 · Jul 26, 2024 · Jul 26, 2024 · Aug 10, 2024
diff --git a/packages/ses/src/commons.js b/packages/ses/src/commons.js
@@ -137,6 +137,10 @@ export const { prototype: generatorPrototype } = getPrototypeOf(
   // eslint-disable-next-line no-empty-function, func-names
   function* () {},
 );
+export const iteratorPrototype = getPrototypeOf(
+  // eslint-disable-next-line @endo/no-polymorphic-call
+  getPrototypeOf(arrayPrototype.values()),
+);
 
 export const typedArrayPrototype = getPrototypeOf(Uint8Array.prototype);
 

diff --git a/packages/ses/src/lockdown.js b/packages/ses/src/lockdown.js
@@ -55,6 +55,7 @@ import { makeCompartmentConstructor } from './compartment.js';
 import { tameHarden } from './tame-harden.js';
 import { tameSymbolConstructor } from './tame-symbol-constructor.js';
 import { tameFauxDataProperties } from './tame-faux-data-properties.js';
+import { tameRegeneratorRuntime } from './tame-regenerator-runtime.js';
 
 /** @import {LockdownOptions} from '../types.js' */
 
@@ -180,12 +181,20 @@ export const repairIntrinsics = (options = {}) => {
       /** @param {string} debugName */
       debugName => debugName !== '',
     ),
+    legacyRegeneratorRuntimeTaming = getenv(
+      'LOCKDOWN_LEGACY_REGENERATOR_RUNTIME_TAMING',
+      'safe',
+    ),
     __hardenTaming__ = getenv('LOCKDOWN_HARDEN_TAMING', 'safe'),
     dateTaming = 'safe', // deprecated
     mathTaming = 'safe', // deprecated
     ...extraOptions
   } = options;
 
+  legacyRegeneratorRuntimeTaming === 'safe' ||
+    legacyRegeneratorRuntimeTaming === 'unsafe-ignore' ||
+    Fail`lockdown(): non supported option legacyRegeneratorRuntimeTaming: ${q(legacyRegeneratorRuntimeTaming)}`;
+
   evalTaming === 'unsafeEval' ||
     evalTaming === 'safeEval' ||
     evalTaming === 'noEval' ||
@@ -412,6 +421,9 @@ export const repairIntrinsics = (options = {}) => {
     // clear yet which is better.
     // @ts-ignore enablePropertyOverrides does its own input validation
     enablePropertyOverrides(intrinsics, overrideTaming, overrideDebug);
+    if (legacyRegeneratorRuntimeTaming === 'unsafe-ignore') {
+      tameRegeneratorRuntime();
+    }
 
     // Finally register and optionally freeze all the intrinsics. This
     // must be the operation that modifies the intrinsics.

diff --git a/packages/ses/src/tame-regenerator-runtime.js b/packages/ses/src/tame-regenerator-runtime.js
@@ -0,0 +1,29 @@
+import {
+  defineProperty,
+  iteratorPrototype,
+  iteratorSymbol,
+  objectHasOwnProperty,
+} from './commons.js';
+
+export const tameRegeneratorRuntime = () => {
+  const iter = iteratorPrototype[iteratorSymbol];
+  defineProperty(iteratorPrototype, iteratorSymbol, {
+    configurable: true,
+    get() {
+      return iter;
+    },
+    set(value) {
+      // ignore the assignment on IteratorPrototype
+      if (this === iteratorPrototype) return;
+      if (objectHasOwnProperty(this, iteratorSymbol)) {
+        this[iteratorSymbol] = value;
+      }
+      defineProperty(this, iteratorSymbol, {
+        value,
+        writable: true,
+        enumerable: true,
+        configurable: true,
+      });
+    },
+  });
+};
diff --git a/packages/ses/test/tame-legacy-regenerator-helper.test.js b/packages/ses/test/tame-legacy-regenerator-helper.test.js
@@ -0,0 +1,45 @@
+import test from 'ava';
+import '../index.js';
+
+lockdown({ legacyRegeneratorRuntimeTaming: 'unsafe-ignore' });
+
+test('lockdown Iterator.prototype[@@iterator] is tamed', t => {
+  const IteratorProto = Object.getPrototypeOf(
+    Object.getPrototypeOf([].values()),
+  );
+  const desc = Object.getOwnPropertyDescriptor(IteratorProto, Symbol.iterator);
+  if (!desc || !desc.get || !desc.set) throw new Error('unreachable');
+  t.is(desc.configurable || desc.enumerable, false);
+  t.is(desc.value, undefined);
+
+  const { get } = desc;
+
+  const child = Object.create(IteratorProto);
+  child[Symbol.iterator] = 'foo'; // override test
+  t.is(child[Symbol.iterator], 'foo');
+
+  const native = get();
+  IteratorProto[Symbol.iterator] = function f() {
+    return this;
+  };
+  t.is(get(), native);
+  t.is(
+    Function.prototype.toString.call(native),
+    'function [Symbol.iterator]() { [native code] }',
+  );
+});
+
+test('lockdown Iterator.prototype[@@iterator] is tamed in Compartments', t => {
+  const c = new Compartment();
+  const compartmentIteratorProto = Object.getPrototypeOf(
+    Object.getPrototypeOf(c.globalThis.Array().values()),
+  );
+  t.is(
+    compartmentIteratorProto,
+    Object.getPrototypeOf(Object.getPrototypeOf([].values())),
+  );
+  const parentFunction = /** @type {any} */ (
+    Object.getOwnPropertyDescriptor(compartmentIteratorProto, Symbol.iterator)
+  ).get.constructor;
+  t.throws(() => Reflect.construct(parentFunction, ['return globalThis']));
+});
diff --git a/packages/ses/types.d.ts b/packages/ses/types.d.ts
@@ -33,6 +33,12 @@ export interface RepairOptions {
   overrideTaming?: 'moderate' | 'min' | 'severe';
   overrideDebug?: Array<string>;
   domainTaming?: 'safe' | 'unsafe';
+  /**
+   * safe (default): do nothing.
+   *
+   * unsafe-ignore: make %IteratorPrototype%[@@iterator] to a funky accessor which ignores all assignments.
+   */
+  legacyRegeneratorRuntimeTaming?: 'safe' | 'unsafe-ignore';
   __hardenTaming__?: 'safe' | 'unsafe';
 }