Skip to content

Latest commit

 

History

History
23 lines (16 loc) · 2.41 KB

threat-modeling.md

File metadata and controls

23 lines (16 loc) · 2.41 KB

Threat Model Analysis for isaacs/inherits

Threat: Prototype Pollution via Inherited Properties

Description: An attacker could maliciously modify properties on the prototype of a parent class that is used with inherits. This pollution affects all subclasses inheriting from this parent, potentially altering their behavior in unexpected and harmful ways. Attackers might achieve this by exploiting vulnerabilities in code that interacts with or modifies subclass prototypes after inheritance is established, or by directly manipulating the parent class prototype if accessible.

  • Impact:

    • Code Injection: By polluting inherited methods, attackers can inject malicious code that gets executed when these methods are called on subclass instances.
    • Denial of Service (DoS): Modifying critical inherited properties can lead to application crashes, infinite loops, or other unexpected behavior, causing service disruption.
    • Information Disclosure: Polluted prototypes might expose internal application state or data through unexpected property access or modified method behavior.
    • Authentication/Authorization Bypass: If authentication or authorization logic relies on inherited properties or methods, pollution could be used to bypass security checks.

  • Affected Inherits Component: Prototype chain established by inherits, specifically the parent class prototype and subclass prototypes.

  • Risk Severity: High

  • Mitigation Strategies:

    • Careful Prototype Modification: Rigorously review and test any code that modifies subclass prototypes after using inherits to ensure no unintended pollution of parent class prototypes occurs.
    • Defensive Programming: Validate the type and expected values of inherited properties, especially when accessed from external or untrusted sources, to prevent exploitation of polluted values.
    • Object Freezing: Freeze prototypes of critical parent classes after inheritance is set up to prevent modifications. Consider performance implications before applying broadly.
    • Code Reviews: Implement thorough code reviews to identify potential prototype pollution vulnerabilities introduced through inherits usage and prototype manipulations.
    • Static Analysis Tools: Utilize static analysis tools capable of detecting prototype pollution vulnerabilities in JavaScript code, focusing on inheritance patterns.