|
| 1 | +From d059d899b9c92a1479432016fe48a01d9254d89a Mon Sep 17 00:00:00 2001 |
| 2 | +From: Kanishk Bansal < [email protected]> |
| 3 | +Date: Wed, 5 Feb 2025 12:28:55 +0000 |
| 4 | +Subject: [PATCH] Address CVE-2025-22150 |
| 5 | + |
| 6 | +--- |
| 7 | + deps/undici/src/lib/fetch/body.js | 10 +++++++++- |
| 8 | + 1 file changed, 9 insertions(+), 1 deletion(-) |
| 9 | + |
| 10 | +diff --git a/deps/undici/src/lib/fetch/body.js b/deps/undici/src/lib/fetch/body.js |
| 11 | +index fd8481b7..4afcfdfb 100644 |
| 12 | +--- a/deps/undici/src/lib/fetch/body.js |
| 13 | ++++ b/deps/undici/src/lib/fetch/body.js |
| 14 | +@@ -22,6 +22,14 @@ const { isUint8Array, isArrayBuffer } = require('util/types') |
| 15 | + const { File: UndiciFile } = require('./file') |
| 16 | + const { parseMIMEType, serializeAMimeType } = require('./dataURL') |
| 17 | + |
| 18 | ++let random |
| 19 | ++try { |
| 20 | ++ const crypto = require('node:crypto') |
| 21 | ++ random = (max) => crypto.randomInt(0, max) |
| 22 | ++} catch { |
| 23 | ++ random = (max) => Math.floor(Math.random(max)) |
| 24 | ++} |
| 25 | ++ |
| 26 | + let ReadableStream = globalThis.ReadableStream |
| 27 | + |
| 28 | + /** @type {globalThis['File']} */ |
| 29 | +@@ -107,7 +115,7 @@ function extractBody (object, keepalive = false) { |
| 30 | + // Set source to a copy of the bytes held by object. |
| 31 | + source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) |
| 32 | + } else if (util.isFormDataLike(object)) { |
| 33 | +- const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}` |
| 34 | ++ const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` |
| 35 | + const prefix = `--${boundary}\r\nContent-Disposition: form-data` |
| 36 | + |
| 37 | + /*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> */ |
| 38 | +-- |
| 39 | +2.43.0 |
| 40 | + |
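Review bot: The fallback in the added `catch` branch, `random = (max) => Math.floor(Math.random(max))`, always returns 0, because `Math.random()` ignores its argument and yields a value in [0, 1). When `node:crypto` cannot be loaded, every multipart boundary is therefore the same fixed string, which is more predictable than the `Math.random() * 1e11` expression this patch removes. At minimum the line should read `random = (max) => Math.floor(Math.random() * max)`. That path would still not use a CSPRNG, so for a CVE-2025-22150 fix it may be better to fail closed or emit a warning when the crypto module is missing. A comment above the `try`, such as `// the form-data boundary must be unpredictable; prefer crypto.randomInt`, would record why the helper exists; note that `extractBody` continues outside the second hunk.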