[DI] Sanitize instanceof class in probe conditions (#5520)

watson · web-flow · commit ca02e1ddff16 · 2025-04-04T12:16:11.000Z
diff --git a/packages/dd-trace/src/debugger/devtools_client/condition.js b/packages/dd-trace/src/debugger/devtools_client/condition.js
@@ -57,7 +57,7 @@ function compile (node) {
       }
     })()`
   } else if (type === 'instanceof') {
-    return `Function.prototype[Symbol.hasInstance].call(${value[1]}, ${compile(value[0])})`
+    return `Function.prototype[Symbol.hasInstance].call(${assertIdentifier(value[1])}, ${compile(value[0])})`
   } else if (type === 'ref') {
     if (value === '@it') {
       return '$dd_it'
diff --git a/packages/dd-trace/test/debugger/devtools_client/condition-test-cases.js b/packages/dd-trace/test/debugger/devtools_client/condition-test-cases.js
@@ -629,6 +629,11 @@ const typeAndDefinitionChecks = [
     { bar: new HasInstanceSideEffect(), HasInstanceSideEffect },
     true
   ],
+  {
+    ast: { instanceof: [{ ref: 'foo' }, 'foo.bar'] },
+    expected: new SyntaxError('Illegal identifier: foo.bar'),
+    execute: false
+  },
 
   [{ isDefined: { ref: 'foo' } }, { bar: 42 }, false],
   [{ isDefined: { ref: 'bar' } }, { bar: 42 }, true],

Original file line number	Diff line number	Diff line change
`@@ -57,7 +57,7 @@ function compile (node) {`
`57`	`57`	`}`
`58`	`58`	})()`
`59`	`59`	`} else if (type === 'instanceof') {`
`60`		- return `Function.prototype[Symbol.hasInstance].call(${value[1]}, ${compile(value[0])})`
	`60`	+ return `Function.prototype[Symbol.hasInstance].call(${assertIdentifier(value[1])}, ${compile(value[0])})`
`61`	`61`	`} else if (type === 'ref') {`
`62`	`62`	`if (value === '@it') {`
`63`	`63`	`return '$dd_it'`