Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
isolated-vm
Advanced tools
The isolated-vm npm package allows you to create isolated JavaScript environments, or 'isolates', which can run code independently of each other. This is useful for running untrusted code, sandboxing, and creating secure execution contexts.
Creating an Isolate
This feature allows you to create a new isolated environment with a specified memory limit. The code sample demonstrates creating an isolate with a 128MB memory limit.
const ivm = require('isolated-vm');
const isolate = new ivm.Isolate({ memoryLimit: 128 });
console.log('Isolate created with 128MB memory limit');
Running Scripts in an Isolate
This feature allows you to compile and run scripts within an isolate. The code sample demonstrates creating a context, compiling a script, and running it within the isolate.
const ivm = require('isolated-vm');
const isolate = new ivm.Isolate({ memoryLimit: 128 });
(async () => {
const context = await isolate.createContext();
const script = await isolate.compileScript('let a = 1 + 2; a');
const result = await script.run(context);
console.log('Script result:', result); // Output: Script result: 3
})();
Transferring Data Between Isolates
This feature allows you to transfer data between the main environment and the isolate. The code sample demonstrates setting a global variable in the isolate and retrieving its value.
const ivm = require('isolated-vm');
const isolate = new ivm.Isolate({ memoryLimit: 128 });
(async () => {
const context = await isolate.createContext();
const jail = context.global;
await jail.set('global', jail.derefInto());
const script = await isolate.compileScript('global.a = 1 + 2');
await script.run(context);
const a = await jail.get('a');
console.log('Value of a:', a); // Output: Value of a: 3
})();
The vm2 package provides a sandbox that can run untrusted code with whitelisted Node's built-in modules. It offers a similar functionality to isolated-vm but with a focus on security and ease of use. Unlike isolated-vm, vm2 allows you to use Node's built-in modules within the sandbox.
The sandboxed-module package allows you to load modules in a sandboxed environment. It is useful for testing and running untrusted code. Compared to isolated-vm, sandboxed-module is more focused on module isolation rather than creating fully isolated JavaScript environments.
isolated-vm
is a library for nodejs which gives you access to v8's Isolate
interface. This
allows you to create JavaScript environments which are completely isolated from each other. This
can be a powerful tool to run code in a fresh JavaScript environment completely free of extraneous
capabilities provided by the nodejs runtime.
isolated-vm
is currently in maintenance mode. New features are not actively being added but
existing features and new versions of nodejs are supported as possible. There are some major
architectural changes which need to be added to improve the stability and security of the project. I
don't have as much spare time as I did when I started this project, so there is not currently any
plan for these improvements.
Multi-process architecture. v8 is not resilient to out of memory conditions and is unable to
gracefully unwind from these errors. Therefore it is possible, and even common, to crash a process
with poorly-written or hostile software. I implemented a band-aid for this with the
onCatastrophicError
callback which quarantines a corrupted isolate, but it is not reliable.
Bundled v8 version. nodejs uses a patched version of v8 which makes development of this module more difficult than it needs to be. For some reason they're also allowed to change the v8 ABI in semver minor releases as well, which causes issues for users while upgrading nodejs. Also, some Linux distributions strip "internal" symbols from their nodejs binaries which makes usage of this module impossible. I think the way to go is to compile and link against our own version of v8.
This project requires nodejs version 16.x (or later).
π¨ If you are using a version of nodejs 20.x or later, you must pass --no-node-snapshot
to node
.
Furthermore, to install this module you will need a compiler installed. If you run into errors while
running npm install isolated-vm
it is likely you don't have a compiler set up, or your compiler is
too old.
sudo apt-get install python g++ build-essential
sudo apk add python3 make g++
sudo yum install gcc72 gcc72-c++
sudo pacman -S make gcc python
sudo dnf install python3 make gcc gcc-c++ zlib-devel brotli-devel openssl-devel
Screeps - Screeps is an online JavaScript-based MMO+RPG game. They are using isolated-vm to run arbitrary player-supplied code in secure environments which can persistent for several days at a time.
Fly - Fly is a programmable CDN which hosts dynamic endpoints as opposed to just static resources. They are using isolated-vm to run globally distributed applications, where each application may have wildly different traffic patterns.
Algolia - Algolia is a Search as a Service provider. They use
isolated-vm
to power their Custom Crawler product,
which allows them to safely execute user-provided code for content extraction.
Tripadvisor - Tripadvisor is the worldβs largest travel platform.
They use isolated-vm
to server-side render thousands of React pages per second.
Running untrusted code is an extraordinarily difficult problem which must be approached with great
care. Use of isolated-vm
to run untrusted code does not automatically make your application safe.
Through carelessness or misuse of the library it can be possible to leak sensitive data or grant
undesired privileges to an isolate.
At a minimum you should take care not to leak any instances of isolated-vm
objects (Reference
,
ExternalCopy
, etc) to untrusted code. It is usually trivial for an attacker to use these instances
as a springboard back into the nodejs isolate which will yield complete control over a process.
Additionally, it is wise to keep nodejs up to date through point releases which affect v8. You can find these on the nodejs changelog by looking for entries such as "update V8 to 9.1.269.36 (MichaΓ«l Zasso) #38273". Historically there have usually been 3-5 of these updates within a single nodejs LTS release cycle. It is not recommended to use odd-numbered nodejs releases since these frequently break ABI and API compatibility and isolated-vm doesn't aim to be compatible with bleeding edge v8.
v8 is a relatively robust runtime, but there are always new and exciting ways to crash, hang,
exploit, or otherwise disrupt a process with plain old JavaScript. Your application must be
resilient to these kinds of issues and attacks. It's a good idea to keep instances of isolated-vm
in a different nodejs process than other critical infrastructure.
If advanced persistent threats are within your threat model it's a very good idea to architect your application using a foundation similar to Chromium's site isolation. You'll also need to make sure to keep your system kernel up to date against local privilege escalation attacks. Running your service in a container such as a Docker may be a good idea but it is important to research container escape attacks as well.
Since isolates share no resources with each other, most of this API is built to provide primitives
which make marshalling data between many isolates quick and easy. The only way to pass data from one
isolate to another is to first make that data transferable. Primitives (except for Symbol
) are
always transferable. This means if you invoke a function in a different isolate with a number or
string as the argument, it will work fine. If you need to pass more complex information you will
have to first make the data transferable with one of the methods here.
Most methods will provide both a synchronous and an asynchronous version. Calling the synchronous functions will block your thread while the method runs and eventually returns a value. The asynchronous functions will return a Promise while the work runs in a separate thread pool.
There are some rules about which functions may be called from certain contexts:
Additionally, some methods will provide an "ignored" version which runs asynchronously but returns no promise. This can be a good option when the calling isolate would ignore the promise anyway, since the ignored versions can skip an extra thread synchronization. Just be careful because this swallows any thrown exceptions which might make problems hard to track down.
It's also worth noting that all asynchronous invocations will run in the order they were queued,
regardless of whether or not you wait on them. So, for instance, you could call several "ignored"
methods in a row and then await
on a final async method to observe some side-effect of the
ignored methods.
Isolate
[transferable]This is the main reference to an isolate. Every handle to an isolate is transferable, which means
you can give isolates references to each other. An isolate will remain valid as long as someone
holds a handle to the isolate or anything created inside that isolate. Once an isolate is lost the
garbage collector should eventually find it and clean up its memory. Since an isolate and all it
contains can represent quite a large chunk of memory though you may want to explicitly call the
dispose()
method on isolates that you are finished with to get that memory back immediately.
new ivm.Isolate(options)
options
[object]
memoryLimit
[number] - Memory limit that this isolate may use, in MB. Note that this is more
of a guideline instead of a strict limit. A determined attacker could use 2-3 times this limit
before their script is terminated. Against non-hostile code this limit should be pretty close. The
default is 128MB and the minimum is 8MB.inspector
[boolean] - Enable v8 inspector support in this isolate. See
inspector-example.js
in this repository for an example of how to use this.snapshot
[ExternalCopy[ArrayBuffer]] - This is an optional snapshot created from
createSnapshot
which will be used to initialize the heap of this isolate.onCatastrophicError
[function] - Callback to be invoked when a very bad error occurs. If
this is invoked it means that v8 has lost all control over the isolate, and all resources in use
are totally unrecoverable. If you receive this error you should log the error, stop serving
requests, finish outstanding work, and end the process by calling process.abort()
.ivm.Isolate.createSnapshot(scripts, warmup_script)
scripts
[array]
code
[string] - Source code to set up this snapshot{ ...ScriptOrigin }
warmup_script
[string] - Optional script to "warmup" the snapshot by triggering code
compilationπ¨ You should not use this feature. It was never all that stable to begin with and has grown increasingly unstable due to changes in v8.
Note: createSnapshot
does not provide the same isolate protection like the rest of
isolated-vm. If the script passed to createSnapshot
uses too much memory the process will crash,
and if it has an infinite loop it will stall the process. Furthermore newer v8 features may simply
fail when attempting to take a snapshot that uses them. It is best to snapshot code that only
defines functions, class, and simple data structures.
isolate.compileScript(code)
Promiseisolate.compileScriptSync(code)
code
[string] - The JavaScript code to compile.
options
[object]
return A Script
object.
Note that a Script
can only run in the isolate which created it.
isolate.compileModule(code)
Promiseisolate.compileModuleSync(code)
code
[string] - The JavaScript code to compile.
options
[object]
meta
[function] - Callback which will be invoked the first time this module accesses
import.meta
. The meta
object will be passed as the first argument. This option may only be
used when invoking compileModule
from within the same isolate.
return A Module
object.
Note that a Module
can only run in the isolate which created it.
isolate.createContext()
Promiseisolate.createContextSync()
options
[object]
inspector
[boolean] - Enable the v8 inspector for this context. The inspector must have been
enabled for the isolate as well.return A Context
object.
isolate.dispose()
Destroys this isolate and invalidates all references obtained from it.
isolate.getHeapStatistics()
Promiseisolate.getHeapStatisticsSync()
Returns heap statistics from v8. The return value is almost identical to the nodejs function
v8.getHeapStatistics().
This function returns one additional property: externally_allocated_size
which is the total amount
of currently allocated memory which is not included in the v8 heap but counts against this isolate's
memoryLimit
. ArrayBuffer instances over a certain size are externally allocated and will be
counted here.
isolate.cpuTime
bigintisolate.wallTime
bigintThe total CPU and wall time spent in this isolate, in nanoseconds. CPU time is the amount of time the isolate has spent actively doing work on the CPU. Wall time is the amount of time the isolate has been running, including passive time spent waiting (think "wall" like a clock on the wall). For instance, if an isolate makes a call into another isolate, wall time will continue increasing while CPU time will remain the same.
Note that in nodejs v10.x the return value is a regular number, since bigint isn't supported on earlier versions.
Also note that CPU time may vary drastically if there is contention for the CPU. This could occur if
other processes are trying to do work, or if you have more than require('os').cpus().length
isolates currently doing work in the same nodejs process.
isolate.isDisposed
[boolean]Flag that indicates whether this isolate has been disposed.
isolate.referenceCount
[number]Returns the total count of active Reference
instances that belong to this isolate. Note that in
certain cases many Reference
instances in JavaScript will point to the same underlying reference
handle, in which case this number will only reflect the underlying reference handle. This happens
when you transfer a Reference
instance via some method which accepts transferable values. This
will also include underlying reference handles created by isolated-vm like Script
or Context
objects.
isolate.startCpuProfiler(title)
[void]Start a CPU profiler in the isolate, for performance profiling. It only collects cpu profiles when the isolate is active in a thread.
isolate.stopCpuProfiler(title)
[Promise<Array>]Stop a CPU profiler previously started using the same title. It returns an array of profiles dependening on how many times the isolate get activated in a thread.
ThreadCpuProfile
objects.Context
[transferable]A context is a sandboxed execution environment within an isolate. Each context contains its own built-in objects and global space.
context.global
Reference
Reference
to this context's global object. Note that if you call
context.release()
the global reference will be released as well.
context.eval(code, options)
Promisecontext.evalIgnored(code, options)
context.evalSync(code, options)
code
[string] - The code to runoptions
[object]
timeout
[number] - Maximum amount of time in milliseconds this script is allowed to run
before execution is canceled. Default is no timeout.{ ...ScriptOrigin }
{ ...TransferOptions }
Compiles and executes a script within a context. This will return the last value evaluated, as long
as that value was transferable, otherwise undefined
will be returned.
context.evalClosure(code, arguments, options)
Promisecontext.evalClosureIgnored(code, arguments, options)
context.evalClosureSync(code, arguments, options)
code
[string] - The code to runarguments
*[array]` - Arguments to pass to this codeoptions
[object]
timeout
[number] - Maximum amount of time in milliseconds this script is allowed to run
before execution is canceled. Default is no timeout.{ ...ScriptOrigin }
arguments
[object]
result
[object]
Compiles and runs code as if it were inside a function, similar to the seldom-used new Function(code)
constructor. You can pass arguments to the function and they will be available as
$0
, $1
, and so on. You can also use return
from the code.
context.release()
Releases this reference to the context. You can call this to free up v8 resources immediately, or you can let the garbage collector handle it when it feels like it. Note that if there are other references to this context it will not be disposed. This only affects this reference to the context.
Script
[transferable]A script is a compiled chunk of JavaScript which can be executed in any context within a single isolate.
script.release()
Releases the reference to this script, allowing the script data to be garbage collected. Functions
and data created in the isolate by previous invocations to script.run(...)
will still be alive in
their respective contexts-- this only means that you can't invoke script.run(...)
again with this
reference.
script.run(context, options)
Promisescript.runIgnored(context, options)
script.runSync(context, options)
context
Context
- The context in which this script will run.options
[object]
release
[boolean] - If true release()
will automatically be called on this instance.timeout
[number] - Maximum amount of time in milliseconds this script is allowed to run
before execution is canceled. Default is no timeout.{ ...TransferOptions }
Runs a given script within a context. This will return the last value evaluated in a given script,
as long as that value was transferable, otherwise undefined
will be returned. For instance if your
script was "let foo = 1; let bar = 2; bar = foo + bar" then the return value will be 3 because that
is the last expression.
Module
[transferable]A JavaScript module. Note that a Module
can only run in the isolate which created it.
module.dependencySpecifiers
A read-only array of all dependency specifiers the module has.
const code = `import something from './something';`;
const module = await isolate.compileModule(code);
const dependencySpecifiers = module.dependencySpecifiers;
// dependencySpecifiers => ["./something"];
module.namespace
Returns a Reference
containing all exported values.
module.instantiate(context, resolveCallback)
Promisemodule.instantiateSync(context, resolveCallback)
context
Context
- The context the module should use.resolveCallback
- This callback is responsible for resolving all direct and indirect
dependencies of this module. It accepts two parameters: specifier
and referrer
. It must return a
Module
instance which will be used to satisfy the dependency. The asynchronous version of
instantiate
may return a promise from resolveCallback
.Instantiate the module together with all its dependencies. Calling this more than once on a single module will have no effect.
module.evaluate(options)
Promisemodule.evaluateSync(options)
options
[object] - Optional.
timeout
[number] - Maximum amount of time in milliseconds this module is allowed to
run before execution is canceled. Default is no timeout.Evaluate the module and return the last expression (same as script.run). If evaluate
is called
more than once on the same module the return value from the first invocation will be returned (or
thrown).
Note: nodejs v14.8.0 enabled top-level await by default which has the effect of breaking the return value of this function.
module.release()
Releases this module. This behaves the same as other .release()
methods.
Callback
[transferable]Callbacks can be used to create cross-isolate references to simple functions. This can be easier and
safer than dealing with the more flexible Reference
class.
Arguments passed to and returned from callbacks are always copied using the same method as
ExternalCopy
. When transferred to another isolate, instances
of Callback
will turn into a plain old function. Callbacks are created automatically when passing
functions to most isolated-vm functions.
new ivm.Callback(fn, options)
options
[object]
async
[boolean] - Function will invoke the callback in "async" mode, which immediately
returns a promise.ignored
[boolean] - Function will invoke the callback in "ignored" mode, which immediately
returns undefined
and ignores the result of the function (including thrown exceptions)sync
[boolean] - Function will invoke the callback in "sync" mode, blocking for a response
(default).Reference
[transferable]A instance of Reference
is a pointer to a value stored in any isolate.
new ivm.Reference(value, options)
value
- The value to create a reference to.options
[object]
unsafeInherit
[boolean] - If enabled then the get
family of functions will follow the
object's prototype chain. References created with this option should never be given to untrusted
code.reference.typeof
[string]This is the typeof the referenced value, and is available at any time from any isolate. Note that
this differs from the real typeof
operator in that null
is "null", and Symbols are "object".
reference.copy()
Promisereference.copySync()
Creates a copy of the referenced value and internalizes it into this isolate. This uses the same
copy rules as ExternalCopy
.
reference.deref()
options
[object]
release
[boolean] - If true release()
will automatically be called on this instance.Will attempt to return the actual value or object pointed to by this reference. Note that in order to call this function the reference must be owned by the current isolate, otherwise an error will be thrown.
reference.derefInto()
options
[object]
release
[boolean] - If true release()
will automatically be called on this instance.Returns an object, which when passed to another isolate will cause that isolate to dereference the handle.
reference.release()
Releases this reference. If you're passing around a lot of references between isolates it's wise to release the references when you are done. Otherwise you may run into issues with isolates running out of memory because other isolates haven't garbage collected recently. After calling this method all attempts to access the reference will throw an error.
reference.delete(property)
Promisereference.deleteIgnored(property)
reference.deleteSync(property)
property
[transferable] - The property to access on this object.Delete a property from this reference, as if using delete reference[property]
reference.get(property, options)
Promisereference.getSync(property, options)
property
[transferable] - The property to access on this object.options
[object]
accessors
[boolean] - Whether or not to invoke accessors and proxies on the underlying
object. Note that there is no way to supply a timeout to this function so only use this option in
trusted code.{ ...TransferOptions }
Reference
object.Will access a reference as if using reference[property]
and transfer the value out.
If the object is a proxy, or if the property is a getter, this method will throw unless the
accessors
option is true.
reference.set(property, value, options)
Promisereference.setIgnored(property, value, options)
reference.setSync(property, value, options)
property
[transferable] - The property to set on this object.value
[transferable] - The value to set on this object.options
[object]
reference.apply(receiver, arguments, options)
Promisereference.applyIgnored(receiver, arguments, options)
reference.applySync(receiver, arguments, options)
reference.applySyncPromise(receiver, arguments, options)
receiver
[transferable] - The value which will be this
.arguments
[array] - Array of transferables which will be passed to the function.options
[object]
timeout
[number] - Maximum amount of time in milliseconds this function is allowed to run
before execution is canceled. Default is no timeout.arguments
[object]
result
[object]
Will attempt to invoke an object as if it were a function. If the return value is transferable it
will be returned to the caller of apply
, otherwise it will return an instance of Reference
. This
behavior can be changed with the result
options.
applySyncPromise
is a special version of applySync
which may only be invoked on functions
belonging to the default isolate AND may only be invoked from a non-default thread. Functions
invoked in this way may return a promise and the invoking isolate will wait for that promise to
resolve before resuming execution. You can use this to implement functions like readFileSync
in a
way that doesn't block the default isolate. Note that the invoking isolate will not respond to any
async functions until this promise is resolved, however synchronous functions will still function
correctly. Misuse of this feature may result in deadlocked isolates, though the default isolate
will never be at risk of a deadlock.
ExternalCopy
[transferable]Instances of this class represent some value that is stored outside of any v8 isolate. This value can then be quickly copied into any isolate without any extra thread synchronization.
new ivm.ExternalCopy(value, options)
value
- The value to copy.options
[object]
transferList
[boolean] - An array of ArrayBuffer
instances to transfer ownership. This
behaves in a similar way to
postMessage
.transferOut
[boolean] - If true this will release ownership of the given resource from this
isolate. This operation completes in constant time since it doesn't have to copy an arbitrarily
large object. This only applies to ArrayBuffer and TypedArray instances.Primitive values can be copied exactly as they are. Date objects will be copied as Dates. ArrayBuffers, TypedArrays, and DataViews will be copied in an efficient format. SharedArrayBuffers will simply copy a reference to the existing memory and when copied into another isolate the new SharedArrayBuffer will point to the same underlying data. After passing a SharedArrayBuffer to ExternalCopy for the first time isolated-vm will take over management of the underlying memory block, so a "copied" SharedArrayBuffer can outlive the isolate that created the memory originally.
All other objects will be copied in seralized form using the structured clone algorithm.
ExternalCopy
can copy objects with deeply nested transferable objects. For example:
let isolate = new ivm.Isolate;
let context = isolate.createContextSync();
let global = context.global;
let data = new ExternalCopy({ isolate, context, global });
ExternalCopy.totalExternalSize
[number]This is a static property which will return the total number of bytes that isolated-vm has allocated
outside of v8 due to instances of ExternalCopy
.
externalCopy.copy(options)
options
[object]
release
[boolean] - If true release()
will automatically be called on this instance.transferIn
[boolean] - If true this will transfer the resource directly into this isolate,
invalidating the ExternalCopy handle.Internalizes the ExternalCopy data into this isolate.
externalCopy.copyInto(options)
options
[object]
release
[boolean] - If true release()
will automatically be called on this instance.transferIn
[boolean] - If true this will transfer the resource directly into this isolate,
invalidating the ExternalCopy handle.Returns an object, which when passed to another isolate will cause that isolate to internalize a copy of this value.
externalCopy.release()
Releases the reference to this copy. If there are other references to this copy elsewhere the copy will still remain in memory, but this handle will no longer be active. Disposing ExternalCopy instances isn't super important, v8 is a lot better at cleaning these up automatically because there's no inter-isolate dependencies.
Many methods in this library accept common options between them. They are documented here instead of being colocated with each instance.
CachedDataOptions
cachedData
[ExternalCopy[ArrayBuffer]] - This will consume cached compilation data from a
previous call to this function. cachedDataRejected
will be set to true
if the supplied data
was rejected by V8.produceCachedData
[boolean] - Produce V8 cache data. Similar to the
VM.Script option of the same name. If this is true then the
returned object will have cachedData
set to an ExternalCopy handle. Note that this differs from
the VM.Script option slightly in that cachedDataProduced
is never set.Most functions which compile or run code can produce and consume cached data. You can produce cached
data and use the data in later invocations to drastically speed up parsing of the same script. You
can even save this data to disk and use it in a different process. You can set both cachedData
and
produceCachedData
, in which case new cached data will only be produced if the data supplied was
invalid.
NOTE: CachedData contains compiled machine code. That means you should not accept cachedData
payloads from a user, otherwise they may be able to run arbitrary code.
ScriptOrigin
filename
[string] - Filename of this source codecolumnOffset
[number] - Column offset of this source codelineOffset
[number] - Line offset of this source codeYou may optionally specify information on compiled code's filename. This is used in various
debugging contexts within v8, including stack traces and the inspector. It is recommended to use a
valid URI scheme, for example: { filename: 'file:///test.js' }
, otherwise some devtools may
malfunction.
TransferOptions
copy
[boolean] - Automatically deep copy valueexternalCopy
[boolean] - Automatically wrap value in ExternalCopy
instancereference
[boolean] - Automatically wrap value in Reference
instancepromise
[boolean] - Automatically proxy any returned promises between isolates. This can be
used in combination with the other transfer options.Any function which moves data between isolates will accept these transfer options. By default only [transferable] values may pass between isolates. Without specifying one of these options the function may ignore the value, throw, or wrap it in a reference depending on the context.
More advanced situations like transferring ownership of ArrayBuffer
instances will require direct
use of ExternalCopy
or
Reference
.
ThreadCpuProfile
It's a object that contains a thread id and a CpuProfile info.
threadId
[number] - The thread that isolate runs on.profile
[CpuProfile] - The CpuProfile.CpuProfile
The CpuProfile Object that can be JSON.stringify(cpuProfile)
, and save to any external file system
for later reloaded into chrome dev tool or any other js performance tool to review.
The format should matches the definition in: https://chromedevtools.github.io/devtools-protocol/tot/Profiler/#type-Profile
startTime
[number] - The start timestamp when calling .startProfiling
.endTime
[number] - The end timestamp when calling .stopProfiling
,samples
[Array] - All sample node id has been collected.timeDeltas
[Array] - All the time deltas related to the samples
.nodes
[Array]
hitCount
[number]id
[id]children
[Array]callFrame
[CallFrame]
functionName
[string]url
[string] - The filename
used in ScriptOrigin
scriptId
[number]lineNumber
[number]columnNumber
[number]bailoutReason
[string?] - When the JavaScript function bailed out from v8 optimization,
this field will present.Below is a sample program which shows basic usage of the library.
// Create a new isolate limited to 128MB
const ivm = require('isolated-vm');
const isolate = new ivm.Isolate({ memoryLimit: 128 });
// Create a new context within this isolate. Each context has its own copy of all the builtin
// Objects. So for instance if one context does Object.prototype.foo = 1 this would not affect any
// other contexts.
const context = isolate.createContextSync();
// Get a Reference{} to the global object within the context.
const jail = context.global;
// This makes the global object available in the context as `global`. We use `derefInto()` here
// because otherwise `global` would actually be a Reference{} object in the new isolate.
jail.setSync('global', jail.derefInto());
// We will create a basic `log` function for the new isolate to use.
jail.setSync('log', function(...args) {
console.log(...args);
});
// And let's test it out:
context.evalSync('log("hello world")');
// > hello world
// Let's see what happens when we try to blow the isolate's memory
const hostile = isolate.compileScriptSync(`
const storage = [];
const twoMegabytes = 1024 * 1024 * 2;
while (true) {
const array = new Uint8Array(twoMegabytes);
for (let ii = 0; ii < twoMegabytes; ii += 4096) {
array[ii] = 1; // we have to put something in the array to flush to real memory
}
storage.push(array);
log('I\\'ve wasted '+ (storage.length * 2)+ 'MB');
}
`);
// Using the async version of `run` so that calls to `log` will get to the main node isolate
hostile.run(context).catch(err => console.error(err));
// I've wasted 2MB
// I've wasted 4MB
// ...
// I've wasted 130MB
// I've wasted 132MB
// RangeError: Array buffer allocation failed
There is only 1 frequently asked question:
"How do I pass a [module, function, object, library] into an isolate?"
You don't! Isolates are isolated
. An isolate is its own environment with its own heap which is
isolated from all other isolates. It may help to think of the question in the context of a
web browser. How would you pass a function from nodejs into Firefox? You can't, it is nonsense.
Depending on the function you could just pass the code for the function directly into the isolate
and execute it there. That's how a <script />
tag works in our browser metaphor. This works for
functions that don't need to do anything such as file access or network requests. Check out Webpack,
Rollup, esbuild, etc for bundling solutions.
If you want to perform operations on files, network, native modules, etc then you will need to set up some kind of shim delegate which can perform the operation within nodejs and pass the result back to your isolate. In the browser metaphor this would be like a REST call back to your service.
Finally, and I'm not trying to be mean here, if this explanation doesn't make sense then you really should not be using this module. This is a low-level module which is just one piece of a very complicated problem. If your goal is to run code from untrusted sources then you must have a very comprehensive understanding of JavaScript. You should know where the ECMAScript specification ends and where the HTML, DOM, and other web specifications begin. You should be a security-focused hacker, otherwise you will almost certain make a company-ending mistake. This is not a module for the faint of heart. Turn back now!
Below is a quick summary of some other options available on nodejs and how they differ from isolated-vm. The table headers are defined as follows:
require
supported out of the boxModule | Secure | Memory Limits | Isolated | Multithreaded | Module Support | Inspector Support |
---|---|---|---|---|---|---|
vm | β | β | ||||
worker_threads | β | β | β | β | ||
vm2 | β | β | ||||
tiny-worker | β | β | ||||
isolated-vm | β | β | β | β | β |
FAQs
Access to multiple isolates
The npm package isolated-vm receives a total of 164,122 weekly downloads. As such, isolated-vm popularity was classified as popular.
We found that isolated-vm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.Β It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.