Hello, is there any way to make the large functions in node equal to those in VM2? Or not isolate large functions?

[lanbda1]

Hello, is there any way to make the large functions in node equal to those in VM2? Or not isolate large functions?

[XmiliaH]

What are the large functions and when are they considered equal? Could you give a better description of what you want to accomplish?

[lanbda1]

const vm = new VM() vm.setGlobal('node', {Function: Function}) I introduced a large function to vm2 at node, but the function I created in vm2 does not inherit from node's large function. I want the function created in vm2 to inherit from node's function

[lanbda1]

什么是以及何时它们被认为是平等的？你能更好地描述你想要完成什么吗？the large functions const vm = new VM() vm.setGlobal('node', {Function: Function}) I introduced a large function to vm2 at node, but the function I created in vm2 does not inherit from node's large function. I want the function created in vm2 to inherit from node's function I need to implement the function inheritance from node. Function in vm2, and I want to modify the vm2 source code implementation

[XmiliaH]

You should not pass the node Function object into the sandbox as it allows to break out of the sandbox.

[lanbda1]

不应将节点对象传递到沙箱中，因为它允许脱离沙箱。Function

I need to implement this requirement now, so that the functions created in vm2 inherit from the functions in node. Can I modify the vm2 source code to achieve this?

[XmiliaH]

What is wrong with

const vm = new VM();
const code = `
function vm2_func() {}
vm2_func;
`;
const vm2_func = vm.run(code);
console.log(vm2_func instanceof Function); // true

And passing or modifying vm2 to work with the node Function is unsafe.

[lanbda1]

有什么问题

const vm = new VM();
const code = `
function vm2_func() {}
vm2_func;
`;
const vm2_func = vm.run(code);
console.log(vm2_func instanceof Function); // true

传递或修改 vm2 以使用节点是不安全的。Function That's not right. I tested your code and it returned false

[XmiliaH]

That's not right. I tested your code and it returned false

In that case your problem might be somewhere else as this is true for me.

[lanbda1]

这是不对的。我测试了您的代码，它返回了错误

在这种情况下，您的问题可能在其他地方，因为这对我来说是。true I haven't updated the vm2 module, but I tested your code and it does return true. What I need to achieve is to make the functions created in vm2 inherit from the big Function object in Node.js at the marked position.

[XmiliaH]

What I need to achieve is to make the functions created in vm2 inherit from the big Function object in Node.js at the marked position.

That is not possible.

[lanbda1]

我需要实现的是使在 vm2 中创建的函数继承自 Node 中的大函数对象.js在标记位置。

这是不可能的。 Why? Isn't it okay to modify the VM2 source code?

[XmiliaH]

Isn't it okay to modify the VM2 source code?

You can, but this would remove all the sandboxing and you could just use the node vm module

[lanbda1]

请问我修改哪个文件的代码比较合适呢？

修改 VM2 源代码不行吗？

你可以，但这将删除所有的沙盒，你可以只使用节点模块vm

May I ask which file's code is more suitable for me to modify?

[XmiliaH]

The following might be what you are looking for, but it makes the sandbox insecure!!

--- a/lib/setup-sandbox.js
+++ b/lib/setup-sandbox.js
@@ -435,6 +435,8 @@ if (AsyncGeneratorFunction) {
 global.Function = proxiedFunction;
 global.eval = new LocalProxy(localEval, EvalHandler);

+connect(proxiedFunction, host.Function);
+
 /*
  * Promise sanitization
  */

If this is not waht you are looking for then I do not know if it is even possible to implement what you want even with source code edits.

[lanbda1]

以下内容可能是您要查找的内容，但它会使沙盒不安全！！

--- a/lib/setup-sandbox.js
+++ b/lib/setup-sandbox.js
@@ -435,6 +435,8 @@ if (AsyncGeneratorFunction) {
 global.Function = proxiedFunction;
 global.eval = new LocalProxy(localEval, EvalHandler);

+connect(proxiedFunction, host.Function);
+
 /*
  * Promise sanitization
  */

如果这不是您要找的，那么我不知道即使通过源代码编辑，是否有可能实现您想要的东西。 I tested your modified code and it didn't achieve what I wanted. It seems that only through what you said ：You can, but this would remove all the sandboxing and you could just use the node vm module。 But I don't know how to modify the code to clear all sandboxes

[XmiliaH]

Clearing sandboxes is not possible to implement.