vm: fix crash when setting __proto__ on context's globalThis

F3n67u · MoLow · commit 0d0fad8f0a32 · 2023-07-07T00:06:14.000+03:00
PR-URL: #47939 Reviewed-By: Zeyu "Alex" Yang <himself65@outlook.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
diff --git a/src/node_contextify.cc b/src/node_contextify.cc
@@ -535,7 +535,8 @@ void ContextifyContext::PropertySetterCallback(
   if (is_declared_on_sandbox &&
       ctx->sandbox()
           ->GetOwnPropertyDescriptor(context, property)
-          .ToLocal(&desc)) {
+          .ToLocal(&desc) &&
+      !desc->IsUndefined()) {
     Environment* env = Environment::GetCurrent(context);
     Local<Object> desc_obj = desc.As<Object>();
 
diff --git a/test/parallel/test-vm-set-proto-null-on-globalthis.js b/test/parallel/test-vm-set-proto-null-on-globalthis.js
@@ -0,0 +1,13 @@
+'use strict';
+require('../common');
+
+// Setting __proto__ on vm context's globalThis should not cause a crash
+// Regression test for https://github.com/nodejs/node/issues/47798
+
+const vm = require('vm');
+const context = vm.createContext();
+
+const contextGlobalThis = vm.runInContext('this', context);
+
+// Should not crash.
+contextGlobalThis.__proto__ = null; // eslint-disable-line no-proto
