Disable command-line API for untrusted inspector clients.

Bug: chromium:1290236 Change-Id: Ie8cda6fd6260d30d3107d3b0288e01960b0e2d3e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677293 Auto-Submit: Danil Somsikov <dsv@chromium.org> Commit-Queue: Danil Somsikov <dsv@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80885}

Disable command-line API for untrusted inspector clients.
Bug: chromium:1290236 Change-Id: Ie8cda6fd6260d30d3107d3b0288e01960b0e2d3e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3677293 Auto-Submit: Danil Somsikov <dsv@chromium.org> Commit-Queue: Danil Somsikov <dsv@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/main@{#80885}
0944ea06 · Danil Somsikov · V8 LUCI CQ · b29ed5a5 · 0944ea06 · 0944ea06
Commit 0944ea06 authored Jun 01, 2022 by Danil Somsikov Committed by V8 LUCI CQ Jun 01, 2022
4 changed files
--- a/src/inspector/injected-script.cc
+++ b/src/inspector/injected-script.cc
@@ -920,6 +920,11 @@ Response InjectedScript::Scope::initialize() {
 void InjectedScript::Scope::installCommandLineAPI() {
  DCHECK(m_injectedScript && !m_context.IsEmpty() &&
         !m_commandLineAPIScope.get());
+  V8InspectorSessionImpl* session =
+      m_inspector->sessionById(m_contextGroupId, m_sessionId);
+  if (session->clientTrustLevel() != V8Inspector::kFullyTrusted) {
+    return;
+  }
  m_commandLineAPIScope.reset(new V8Console::CommandLineAPIScope(
      m_context, m_injectedScript->commandLineAPI(), m_context->Global()));
 }

--- a/src/inspector/string-util.h
+++ b/src/inspector/string-util.h
@@ -69,8 +69,8 @@ v8::Local<v8::String> toV8String(v8::Isolate*, const StringView&);
 // TODO(dgozman): rename to toString16.
 String16 toProtocolString(v8::Isolate*, v8::Local<v8::String>);
 String16 toProtocolStringWithTypeCheck(v8::Isolate*, v8::Local<v8::Value>);
-String16 toString16(const StringView&);
-StringView toStringView(const String16&);
+V8_EXPORT_PRIVATE String16 toString16(const StringView&);
+V8_EXPORT_PRIVATE StringView toStringView(const String16&);
 template <size_t N>
 StringView toStringView(const char* str[N]) {
  return StringView(reinterpret_cast<const uint8_t*>(str), N);

--- a/src/inspector/v8-inspector-session-impl.h
+++ b/src/inspector/v8-inspector-session-impl.h
@@ -98,6 +98,9 @@ class V8InspectorSessionImpl : public V8InspectorSession,
  static const unsigned kInspectedObjectBufferSize = 5;

  void triggerPreciseCoverageDeltaUpdate(StringView occasion) override;
+  V8Inspector::ClientTrustLevel clientTrustLevel() {
+    return m_clientTrustLevel;
+  }

 private:
  V8InspectorSessionImpl(V8InspectorImpl*, int contextGroupId, int sessionId,

--- a/test/cctest/test-inspector.cc
+++ b/test/cctest/test-inspector.cc
@@ -12,8 +12,11 @@
 #include "src/inspector/v8-inspector-impl.h"
 #include "test/cctest/cctest.h"

+using v8_inspector::String16;
 using v8_inspector::StringBuffer;
 using v8_inspector::StringView;
+using v8_inspector::toString16;
+using v8_inspector::toStringView;
 using v8_inspector::V8ContextInfo;
 using v8_inspector::V8Inspector;
 using v8_inspector::V8InspectorSession;
@@ -205,3 +208,50 @@ TEST(NoInterruptOnGetAssociatedData) {
  CompileRun("0");
  CHECK(recorder.WasInvoked);
 }
+
+TEST(NoConsoleAPIForUntrustedClient) {
+  LocalContext env;
+  v8::Isolate* isolate = env->GetIsolate();
+  v8::HandleScope handle_scope(isolate);
+
+  v8_inspector::V8InspectorClient default_client;
+  std::unique_ptr<V8Inspector> inspector =
+      V8Inspector::create(isolate, &default_client);
+  V8ContextInfo context_info(env.local(), 1, toStringView(""));
+  inspector->contextCreated(context_info);
+
+  class TestChannel : public V8Inspector::Channel {
+   public:
+    ~TestChannel() override = default;
+    void sendResponse(int callId,
+                      std::unique_ptr<StringBuffer> message) override {
+      CHECK_EQ(callId, 1);
+      CHECK_NE(toString16(message->string()).find(expected_response_matcher_),
+               String16::kNotFound);
+    }
+    void sendNotification(std::unique_ptr<StringBuffer> message) override {}
+    void flushProtocolNotifications() override {}
+    v8_inspector::String16 expected_response_matcher_;
+  };
+
+  TestChannel channel;
+  const char kCommand[] = R"({
+    "id": 1,
+    "method": "Runtime.evaluate",
+    "params": {
+      "expression": "$0 || 42",
+      "contextId": 1,
+      "includeCommandLineAPI": true
+    }
+  })";
+  std::unique_ptr<V8InspectorSession> trusted_session =
+      inspector->connect(1, &channel, toStringView("{}"),
+                         v8_inspector::V8Inspector::kFullyTrusted);
+  channel.expected_response_matcher_ = R"("value":42)";
+  trusted_session->dispatchProtocolMessage(toStringView(kCommand));
+
+  std::unique_ptr<V8InspectorSession> untrusted_session = inspector->connect(
+      1, &channel, toStringView("{}"), v8_inspector::V8Inspector::kUntrusted);
+  channel.expected_response_matcher_ = R"("className":"ReferenceError")";
+  untrusted_session->dispatchProtocolMessage(toStringView(kCommand));
+}