|
| 1 | +From 7a5aff9d9e6b6b541f7528cedb9bcf2046289f1a Mon Sep 17 00:00:00 2001 |
| 2 | +From: Kanishk Bansal < [email protected]> |
| 3 | +Date: Wed, 5 Feb 2025 12:14:46 +0000 |
| 4 | +Subject: [PATCH] Address CVE-2025-22150 |
| 5 | + |
| 6 | +--- |
| 7 | + deps/undici/src/lib/web/fetch/body.js | 10 +++++++++- |
| 8 | + 1 file changed, 9 insertions(+), 1 deletion(-) |
| 9 | + |
| 10 | +diff --git a/deps/undici/src/lib/web/fetch/body.js b/deps/undici/src/lib/web/fetch/body.js |
| 11 | +index 26cce5f3..594620b5 100644 |
| 12 | +--- a/deps/undici/src/lib/web/fetch/body.js |
| 13 | ++++ b/deps/undici/src/lib/web/fetch/body.js |
| 14 | +@@ -20,6 +20,14 @@ const { isErrored } = require('../../core/util') |
| 15 | + const { isArrayBuffer } = require('node:util/types') |
| 16 | + const { serializeAMimeType } = require('./data-url') |
| 17 | + const { multipartFormDataParser } = require('./formdata-parser') |
| 18 | ++let random |
| 19 | ++ |
| 20 | ++try { |
| 21 | ++ const crypto = require('node:crypto') |
| 22 | ++ random = (max) => crypto.randomInt(0, max) |
| 23 | ++} catch { |
| 24 | ++ random = (max) => Math.floor(Math.random(max)) |
| 25 | ++} |
| 26 | + |
| 27 | + const textEncoder = new TextEncoder() |
| 28 | + |
| 29 | +@@ -100,7 +108,7 @@ function extractBody (object, keepalive = false) { |
| 30 | + // Set source to a copy of the bytes held by object. |
| 31 | + source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength)) |
| 32 | + } else if (util.isFormDataLike(object)) { |
| 33 | +- const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}` |
| 34 | ++ const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}` |
| 35 | + const prefix = `--${boundary}\r\nContent-Disposition: form-data` |
| 36 | + |
| 37 | + /*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> */ |
| 38 | +-- |
| 39 | +2.43.0 |
| 40 | + |
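Review bot: The fallback on patch line 24, `random = (max) => Math.floor(Math.random(max))`, always evaluates to 0, because `Math.random` takes no arguments and returns a value in [0, 1); in any environment where `require('node:crypto')` throws, every multipart boundary becomes the fixed string `----formdata-undici-000000000000`, which is less unpredictable than the `Math.random() * 1e11` expression the patch removes on line 33. The intended line is `random = (max) => Math.floor(Math.random() * max)`. The fallback path also deserves a comment making its weaker guarantee explicit, e.g. `// Fallback only when node:crypto is unavailable: Math.random is not a CSPRNG, so the boundary is merely hard to guess, not cryptographically unpredictable`, and the bare `catch {}` could at least narrow to the module-not-found case rather than masking every error from the crypto import.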