From: Eduardo San Martin Morote <posva13@gmail.com>
Date: Thu, 31 Mar 2022 10:05:09 +0000 (+0200)
Subject: fix: avoid prototype pollution
X-Git-Tag: @pinia/testing@0.0.11~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e4858f9d5f447ba6162ca9f2472608a8bac3eca7;p=thirdparty%2Fvuejs%2Fpinia.git

fix: avoid prototype pollution
---

diff --git a/packages/pinia/src/store.ts b/packages/pinia/src/store.ts
index 5a23b475..5aad26e8 100644
--- a/packages/pinia/src/store.ts
+++ b/packages/pinia/src/store.ts
@@ -59,11 +59,13 @@ function mergeReactiveObjects<T extends StateTree>(
 ): T {
   // no need to go through symbols because they cannot be serialized anyway
   for (const key in patchToApply) {
+    if (!patchToApply.hasOwnProperty(key)) continue
     const subPatch = patchToApply[key]
     const targetValue = target[key]
     if (
       isPlainObject(targetValue) &&
       isPlainObject(subPatch) &&
+      target.hasOwnProperty(key) &&
       !isRef(subPatch) &&
       !isReactive(subPatch)
     ) {
diff --git a/packages/testing/src/testing.ts b/packages/testing/src/testing.ts
index cef0bb33..0eb594cd 100644
--- a/packages/testing/src/testing.ts
+++ b/packages/testing/src/testing.ts
@@ -139,11 +139,13 @@ function mergeReactiveObjects<T extends StateTree>(
 ): T {
   // no need to go through symbols because they cannot be serialized anyway
   for (const key in patchToApply) {
+    if (!patchToApply.hasOwnProperty(key)) continue
     const subPatch = patchToApply[key]
     const targetValue = target[key]
     if (
       isPlainObject(targetValue) &&
       isPlainObject(subPatch) &&
+      target.hasOwnProperty(key) &&
       !isRef(subPatch) &&
       !isReactive(subPatch)
     ) {