From 4b22e87b102d97d45d112a0931dba1aef7eea049 Mon Sep 17 00:00:00 2001
From: XmiliaH <xmilia.hermit@gmail.com>
Date: Wed, 12 Apr 2023 10:25:46 +0200
Subject: [PATCH 1/3] Ensure every catch block is protected

---
 lib/transformer.js | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/lib/transformer.js b/lib/transformer.js
index 9919453..47c5ac9 100644
--- a/lib/transformer.js
+++ b/lib/transformer.js
@@ -113,12 +113,23 @@ function transformer(args, body, isAsync, isGenerator, filename) {
 		if (nodeType === 'CatchClause') {
 			const param = node.param;
 			if (param) {
-				if (param.type === 'ObjectPattern') {
+				if (param.type === 'Identifier') {
+					const name = assertType(param, 'Identifier').name;
+					const cBody = assertType(node.body, 'BlockStatement');
+					if (cBody.body.length > 0) {
+						insertions.push({
+							__proto__: null,
+							pos: cBody.body[0].start,
+							order: TO_LEFT,
+							coder: () => `${name}=${INTERNAL_STATE_NAME}.handleException(${name});`
+						});
+					}
+				} else {
 					insertions.push({
 						__proto__: null,
 						pos: node.start,
 						order: TO_RIGHT,
-						coder: () => `catch(${tmpname}){try{throw(${tmpname}=${INTERNAL_STATE_NAME}.handleException(${tmpname}));}`
+						coder: () => `catch(${tmpname}){${tmpname}=${INTERNAL_STATE_NAME}.handleException(${tmpname});try{throw ${tmpname};}`
 					});
 					insertions.push({
 						__proto__: null,
@@ -126,17 +137,6 @@ function transformer(args, body, isAsync, isGenerator, filename) {
 						order: TO_LEFT,
 						coder: () => `}`
 					});
-				} else {
-					const name = assertType(param, 'Identifier').name;
-					const cBody = assertType(node.body, 'BlockStatement');
-					if (cBody.body.length > 0) {
-						insertions.push({
-							__proto__: null,
-							pos: cBody.body[0].start,
-							order: TO_LEFT,
-							coder: () => `${name}=${INTERNAL_STATE_NAME}.handleException(${name});`
-						});
-					}
 				}
 			}
 		} else if (nodeType === 'WithStatement') {

From f3db4dee4d76b19869df05ba7880d638a880edd5 Mon Sep 17 00:00:00 2001
From: XmiliaH <xmilia.hermit@gmail.com>
Date: Wed, 12 Apr 2023 10:27:04 +0200
Subject: [PATCH 2/3] Handle host errors captured in Promises

---
 lib/setup-sandbox.js | 39 ++++++++++++++++++++++++++-------------
 1 file changed, 26 insertions(+), 13 deletions(-)

diff --git a/lib/setup-sandbox.js b/lib/setup-sandbox.js
index 539ce04..71afa52 100644
--- a/lib/setup-sandbox.js
+++ b/lib/setup-sandbox.js
@@ -439,23 +439,36 @@ global.eval = new LocalProxy(localEval, EvalHandler);
  * Promise sanitization
  */
 
-if (localPromise && !allowAsync) {
+if (localPromise) {
 
 	const PromisePrototype = localPromise.prototype;
 
-	overrideWithProxy(PromisePrototype, 'then', PromisePrototype.then, AsyncErrorHandler);
-	// This seems not to work, and will produce
-	// UnhandledPromiseRejectionWarning: TypeError: Method Promise.prototype.then called on incompatible receiver [object Object].
-	// This is likely caused since the host.Promise.prototype.then cannot use the VM Proxy object.
-	// Contextify.connect(host.Promise.prototype.then, Promise.prototype.then);
+	if (!allowAsync) {
+
+		overrideWithProxy(PromisePrototype, 'then', PromisePrototype.then, AsyncErrorHandler);
+		// This seems not to work, and will produce
+		// UnhandledPromiseRejectionWarning: TypeError: Method Promise.prototype.then called on incompatible receiver [object Object].
+		// This is likely caused since the host.Promise.prototype.then cannot use the VM Proxy object.
+		// Contextify.connect(host.Promise.prototype.then, Promise.prototype.then);
+
+	} else {
+
+		overrideWithProxy(PromisePrototype, 'then', PromisePrototype.then, {
+			__proto__: null,
+			apply(target, thiz, args) {
+				if (args.length > 1) {
+					const onRejected = args[1];
+					if (typeof onRejected === 'function') {
+						args[1] = function wrapper(error) {
+							error = ensureThis(error);
+							return localReflectApply(onRejected, this, [error]);
+						};
+					}
+				}
+				return localReflectApply(target, thiz, args);
+			}
+		});
 
-	if (PromisePrototype.finally) {
-		overrideWithProxy(PromisePrototype, 'finally', PromisePrototype.finally, AsyncErrorHandler);
-		// Contextify.connect(host.Promise.prototype.finally, Promise.prototype.finally);
-	}
-	if (Promise.prototype.catch) {
-		overrideWithProxy(PromisePrototype, 'catch', PromisePrototype.catch, AsyncErrorHandler);
-		// Contextify.connect(host.Promise.prototype.catch, Promise.prototype.catch);
 	}
 
 }

From 4f63dc23fecabc79ee1501fde6e9e83c524d6466 Mon Sep 17 00:00:00 2001
From: XmiliaH <xmilia.hermit@gmail.com>
Date: Mon, 17 Apr 2023 16:56:33 +0200
Subject: [PATCH 3/3] Release 3.9.17

---
 CHANGELOG.md | 4 ++++
 package.json | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0fbc31b..2a28da1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+v3.9.17 (2023-04-17)
+--------------------
+[fix] Multiple security fixes.
+
 v3.9.16 (2023-04-11)
 --------------------
 [fix] Security fix (see https://github.com/patriksimek/vm2/issues/516).
diff --git a/package.json b/package.json
index 685d41b..600dee8 100644
--- a/package.json
+++ b/package.json
@@ -13,7 +13,7 @@
     "alcatraz",
     "contextify"
   ],
-  "version": "3.9.16",
+  "version": "3.9.17",
   "main": "index.js",
   "sideEffects": false,
   "repository": "github:patriksimek/vm2",