Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Symbol.toPrimitive passed to Proxy as property name even when Symbol builtin is not enabled

See original GitHub issue

In Frida we have a Proxy like this:

        const self = new Proxy(this, {
            has(target, property) {
                return hasProperty(property);
            },
            get(target, property, receiver) {
                switch (property) {
                    case "handle":
                        return handle;
                    case "prototype":
                        return target.prototype;
                    case "constructor":
                        return target.constructor;
                    case "hasOwnProperty":
                        return hasProperty;
                    case "toJSON":
                        return toJSON;
                    case "toString":
                    case "valueOf":
                        const descriptionImpl = receiver.description;
                        if (descriptionImpl !== undefined) {
                            const description = descriptionImpl.call(receiver);
                            if (description !== null)
                                return description.UTF8String.bind(description);
                        }
                        return function () {
                            return receiver.$className;
                        };
...

Apparently, in the latest version of duktape the property argument of get() can be a Symbol. In particular when coercing this object to a string, the "toString" property turned into a Symbol.toPrimitive.

The problem is that if we don’t enable the DUK_USE_SYMBOL_BUILTIN configuration, there’s no way to properly compare the property and get to the right case. This is also complicated by the fact we’re using core-js polyfills which have their Symbol implementation which doesn’t help in this case.

This can be solved by enabling DUK_USE_SYMBOL_BUILTIN and just adding case Symbol.toPrimitive: in the switch, but if i understand correctly that’s still experimental.

Maybe i’m wrong but i expected that when Symbol builtins are not there, the property here should be a string as it was before?

Issue Analytics

State:
Created 5 years ago
Comments:13 (9 by maintainers)

Top GitHub Comments

1reaction

svaaralacommented, Aug 30, 2018

Internal Symbol support cannot be fully turned off because at least the internal hidden Symbol properties are needed (Duktape uses them internally). In this case it may be that even without the Symbol built-in a @@toPrimitive lookup is done.

0reactions

mrmacetecommented, Aug 30, 2018

@fatcerberus nope, enabling Symbol built-in just made it possible to handle the case

Top Results From Across the Web

Symbol.toPrimitive - JavaScript - MDN Web Docs

The function is called with a string argument hint , which specifies the preferred type of the result primitive value.

You Don't Know JS: ES6 & Beyond - GitHub Pages

However, we can define our own iterator logic for any object value by setting the Symbol.iterator property, even if that's overriding the default...

Confusion related to Symbol.toprimitive method in js

No, Symbol.toPrimitive is a Symbol, not a function. It's used as the key of an object property whose value should be a function,...

Object to primitive conversion - The Modern JavaScript Tutorial

Let's start from the first method. There's a built-in symbol named Symbol.toPrimitive that should be used to name the conversion method, like ...

Metaprogramming in ES6: Symbols and why they're awesome

You probably use metaprogramming every day perhaps without even noticing it. Metaprogramming has a few "subgenres" - one is Code Generation, aka ...

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.

Start Free

Top Related Reddit Thread

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

Symbol.toPrimitive passed to Proxy as property name even when Symbol builtin is not enabled

Issue Analytics

Top GitHub Comments

Top Results From Across the Web

Top Related Medium Post

Top Related StackOverflow Question

Troubleshoot Live Code

Top Related Reddit Thread

Top Related Hackernoon Post

Top Related Tweet

Top Related Dev.to Post

Top Related Hashnode Post

Duktape not returning control to the executor to check for bytecode execution timeout

Custom getters and setters in C/C++