Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
electron
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix: ensure app load is limited to real asar files when appropriate (#39809)

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: Samuel Attard <[email protected]>
trop[bot] 1 year ago
parent
69b8ebc7f4
commit
9faee48070
4 changed files with 20 additions and 1 deletions
Split View Show Diff Stats
  1. 3 1
      lib/asar/fs-wrapper.ts
  2. 9 0
      lib/browser/init.ts
  3. 7 0
      shell/common/node_bindings.cc
  4. 1 0
      typings/internal-ambient.d.ts

+ 3 - 1
lib/asar/fs-wrapper.ts
View File 

@@ -27,7 +27,7 @@ const cachedArchives = new Map<string, NodeJS.AsarArchive>();
 
 const getOrCreateArchive = (archivePath: string) => {
 
   const isCached = cachedArchives.has(archivePath);
 
   if (isCached) {
 
-    return cachedArchives.get(archivePath);
 
+    return cachedArchives.get(archivePath)!;
 
   }
 
 
   try {
 
@@ -39,6 +39,8 @@ const getOrCreateArchive = (archivePath: string) => {
 
   }
 
 };
 
 
+process._getOrCreateArchive = getOrCreateArchive;
 
+
 
 const asarRe = /\.asar/i;
 
 
 // Separate asar package's path from full path.

+ 9 - 0
lib/browser/init.ts
View File 

@@ -84,11 +84,20 @@ const v8Util = process._linkedBinding('electron_common_v8_util');
 
 let packagePath = null;
 
 let packageJson = null;
 
 const searchPaths: string[] = v8Util.getHiddenValue(global, 'appSearchPaths');
 
+const searchPathsOnlyLoadASAR: boolean = v8Util.getHiddenValue(global, 'appSearchPathsOnlyLoadASAR');
 
+// Borrow the _getOrCreateArchive asar helper
 
+const getOrCreateArchive = process._getOrCreateArchive;
 
+delete process._getOrCreateArchive;
 
 
 if (process.resourcesPath) {
 
   for (packagePath of searchPaths) {
 
     try {
 
       packagePath = path.join(process.resourcesPath, packagePath);
 
+      if (searchPathsOnlyLoadASAR) {
 
+        if (!getOrCreateArchive?.(packagePath)) {
 
+          continue;
 
+        }
 
+      }
 
       packageJson = Module._load(path.join(packagePath, 'package.json'));
 
       break;
 
     } catch {

+ 7 - 0
shell/common/node_bindings.cc
View File 

@@ -521,6 +521,13 @@ node::Environment* NodeBindings::CreateEnvironment(
 
                          electron::fuses::IsOnlyLoadAppFromAsarEnabled()
 
                              ? app_asar_search_paths
 
                              : search_paths));
 
+    context->Global()->SetPrivate(
 
+        context,
 
+        v8::Private::ForApi(
 
+            isolate, gin::ConvertToV8(isolate, "appSearchPathsOnlyLoadASAR")
 
+                         .As<v8::String>()),
 
+        gin::ConvertToV8(isolate,
 
+                         electron::fuses::IsOnlyLoadAppFromAsarEnabled()));
 
   }
 
 
   base::FilePath resources_path = GetResourcesPath();

+ 1 - 0
typings/internal-ambient.d.ts
View File 

@@ -252,6 +252,7 @@ declare namespace NodeJS {
 
     // Additional properties
 
     _firstFileName?: string;
 
     _serviceStartupScript: string;
 
+    _getOrCreateArchive?: (path: string) => NodeJS.AsarArchive | null;
 
 
     helperExecPath: string;
 
     mainModule?: NodeJS.Module | undefined;