Describe the bug / 问题描述
@ant-design/plots@2.6.8 exposes @antv/g2 as the G2 namespace from the package root entry. The public G2.renderToMountedElement API can be reached through this root export.
When renderToMountedElement receives an options object, it calls inferKeys(options) before the mounted-element validation fails. inferKeys(options) performs a deep merge through @antv/util.deepMix({}, options). The merge does not filter prototype-pollution keys such as __proto__, so attacker-controlled options can write properties onto Object.prototype.
Reproduction link / 复现链接
No response
Steps to Reproduce the Bug or Issue / 重现步骤
Proof of Concept
const { G2 } = require('@ant-design/plots');

delete Object.prototype.polluted;

try {
  G2.renderToMountedElement(
    JSON.parse('{"__proto__":{"polluted":"yes"}}')
  );
} catch (e) {
  // renderToMountedElement may throw later because no valid mounted element is provided.
  // The prototype pollution happens before that validation error.
}

console.log(({}).polluted);
Actual Result
Expected Result
The options-processing path should not modify Object.prototype.
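As an added example (not code from @ant-design/plots or @antv/util), the following is a hardened deep merge of the kind the options path needs: it skips the keys that reach the prototype chain, recurses only into plain objects, and never reuses an inherited object as a merge target. The untrustedOptions payload and the prototypeIsClean helper are constructed for this illustration.

```javascript
// Keys that, when walked into during a recursive merge, land on Object.prototype
// (or on a constructor's prototype) instead of on the target object.
const UNSAFE_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Only objects whose prototype is Object.prototype or null are merged recursively;
// arrays, class instances, functions and Dates are copied by reference.
function isPlainObject(value) {
  if (value === null || typeof value !== 'object') return false;
  const proto = Object.getPrototypeOf(value);
  return proto === Object.prototype || proto === null;
}

// Hardened replacement for a deepMix({}, options)-style merge.
function safeDeepMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (UNSAFE_KEYS.has(key)) continue; // never descend into the prototype chain
    const value = source[key];
    if (isPlainObject(value)) {
      // Reuse an existing *own* plain object only; an inherited one would be
      // a shared object reachable from every other instance.
      const existing =
        Object.prototype.hasOwnProperty.call(target, key) && isPlainObject(target[key])
          ? target[key]
          : {};
      target[key] = safeDeepMerge(existing, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Regression check: Object.prototype must not have gained enumerable keys.
function prototypeIsClean() {
  return Object.keys(Object.prototype).length === 0;
}

// Constructed sample input: the PoC payload shape plus ordinary chart options.
const untrustedOptions = JSON.parse(
  '{"__proto__":{"polluted":"yes"},"type":"line","data":[{"x":1,"y":2}]}'
);

function demo() {
  const merged = safeDeepMerge({}, untrustedOptions);
  return { merged, clean: prototypeIsClean(), polluted: ({}).polluted };
}
```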
Version / 版本
Please select / 请选择
OS / 操作系统
Browser / 浏览器