fix: Handle circular dependencies in serialize method

Author: kamilogorek

CHANGELOG.md

@@ -5,12 +5,15 @@
 - [core] feat: Deprecate `captureEvent`, prefer `sendEvent` for transports. `sendEvent` now takes a string (body)
   instead of `Event` object.
 - [core] feat: Use correct buffer for requests in transports
-- [node] feat: Add file cache for providing pre/post context in frames
-- [node] feat: New option `frameContextLines`, if set to `0` we do not provide source code pre/post context, default is
-  `7` lines pre/post
 - [core]: ref: Change way how transports are initialized
 - [core]: ref: Rename `RequestBuffer` to `PromiseBuffer`, also introduce limit
+- [core]: fix: Check if value is error object in extraErrorData integration
 - [browser] fix: Prevent empty exception values
+- [browser]: fix: Permission denied to access property name
+- [node] feat: Add file cache for providing pre/post context in frames
+- [node] feat: New option `frameContextLines`, if set to `0` we do not provide source code pre/post context, default is
+  `7` lines pre/post
+- [utils] fix: Use custom serializer inside `serialize` method to prevent circular references
 
 ## 4.4.2
 

packages/browser/src/integrations/trycatch.ts

@@ -210,9 +210,12 @@ export class TryCatch implements Integration {
   }
 }
 
+/**
+ * Safely extract function name from itself
+ */
 function getFunctionName(fn: any): string {
   try {
-    return fn && fn.name || '<anonymous>';
+    return (fn && fn.name) || '<anonymous>';
   } catch (e) {
     // Just accessing custom props in some Selenium environments
     // can cause a "Permission denied" exception (see raven-js#495).

packages/utils/src/object.ts

@@ -11,17 +11,12 @@ interface ExtendedError extends Error {
 /**
  * Serializes the given object into a string.
  * Like JSON.stringify, but doesn't throw on circular references.
- * Based on a `json-stringify-safe` package and modified to handle Errors serialization.
- *
- * The object must be serializable, i.e.:
- *  - Only primitive types are allowed (object, array, number, string, boolean)
- *  - Its depth should be considerably low for performance reasons
  *
  * @param object A JSON-serializable object.
  * @returns A string containing the serialized object.
  */
 export function serialize<T>(object: T): string {
-  return JSON.stringify(object);
+  return JSON.stringify(object, serializer({ normalize: false }));
 }
 
 /**
@@ -105,34 +100,12 @@ function jsonSize(value: any): number {
 
 /** JSDoc */
 function serializeValue<T>(value: T): T | string {
-  const maxLength = 40;
-
   if (typeof value === 'string') {
+    const maxLength = 40;
     return value.length <= maxLength ? value : `${value.substr(0, maxLength - 1)}\u2026`;
-  } else if (typeof value === 'number' || typeof value === 'boolean' || typeof value === 'undefined') {
-    return value;
-  } else if (isNaN(value)) {
-    // NaN and undefined are not JSON.parseable, but we want to preserve this information
-    return '[NaN]';
-  } else if (isUndefined(value)) {
-    return '[undefined]';
+  } else {
+    return normalizeValue(value) as T;
   }
-
-  const type = Object.prototype.toString.call(value);
-
-  // Node.js REPL notation
-  if (type === '[object Object]') {
-    return '[Object]';
-  }
-  if (type === '[object Array]') {
-    return '[Array]';
-  }
-  if (type === '[object Function]') {
-    const name = ((value as any) as (() => void)).name;
-    return name ? `[Function: ${name}]` : '[Function]';
-  }
-
-  return value;
 }
 
 /** JSDoc */
@@ -261,13 +234,13 @@ function objectifyError(error: ExtendedError): object {
 }
 
 /**
- * standardizeValue()
+ * normalizeValue()
  *
  * translates undefined/NaN values to "[undefined]"/"[NaN]" respectively,
  * serializes Error objects
  * filter global objects
  */
-function standardizeValue(value: any, key: any): any {
+function normalizeValue(value: any, key?: any): any {
   if (key === 'domain' && typeof value === 'object' && (value as { _events: any })._events) {
     return '[Domain]';
   }
@@ -312,18 +285,18 @@ function standardizeValue(value: any, key: any): any {
 }
 
 /**
- * standardizer()
+ * serializer()
  *
  * Remove circular references,
  * translates undefined/NaN values to "[undefined]"/"[NaN]" respectively,
  * and takes care of Error objects serialization
  */
-function standardizer(): (key: string, value: any) => any {
+function serializer(options: { normalize: boolean } = { normalize: true }): (key: string, value: any) => any {
   const stack: any[] = [];
   const keys: string[] = [];
 
   /** recursive */
-  function cycleStandardizer(_key: string, value: any): any {
+  function cycleserializer(_key: string, value: any): any {
     if (stack[0] === value) {
       return '[Circular ~]';
     }
@@ -344,24 +317,24 @@ function standardizer(): (key: string, value: any) => any {
 
       if (stack.indexOf(value) !== -1) {
         // tslint:disable-next-line:no-parameter-reassignment
-        value = cycleStandardizer.call(this, key, value);
+        value = cycleserializer.call(this, key, value);
       }
     } else {
       stack.push(value);
     }
 
-    return standardizeValue(value, key);
+    return options.normalize ? normalizeValue(value, key) : value;
   };
 }
 
 /**
  * safeNormalize()
  *
- * Creates a copy of the input by applying standardizer function on it and parsing it back to unify the data
+ * Creates a copy of the input by applying serializer function on it and parsing it back to unify the data
  */
 export function safeNormalize(input: any): any {
   try {
-    return JSON.parse(JSON.stringify(input, standardizer()));
+    return JSON.parse(JSON.stringify(input, serializer({ normalize: true })));
   } catch (_oO) {
     return '**non-serializable**';
   }

packages/utils/test/object.test.ts

@@ -22,6 +22,115 @@ describe('serialize()', () => {
       expect(serialize(entry.object)).toEqual(entry.serialized);
     });
   }
+
+  describe('cyclical structures', () => {
+    test('circular objects', () => {
+      const obj = { name: 'Alice' };
+      // @ts-ignore
+      obj.self = obj;
+      expect(serialize(obj)).toEqual(JSON.stringify({ name: 'Alice', self: '[Circular ~]' }));
+    });
+
+    test('circular objects with intermediaries', () => {
+      const obj = { name: 'Alice' };
+      // @ts-ignore
+      obj.identity = { self: obj };
+      expect(serialize(obj)).toEqual(JSON.stringify({ name: 'Alice', identity: { self: '[Circular ~]' } }));
+    });
+
+    test('circular objects deeper', () => {
+      const obj = { name: 'Alice', child: { name: 'Bob' } };
+      // @ts-ignore
+      obj.child.self = obj.child;
+      expect(serialize(obj)).toEqual(
+        JSON.stringify({
+          name: 'Alice',
+          child: { name: 'Bob', self: '[Circular ~.child]' },
+        }),
+      );
+    });
+
+    test('circular objects deeper with intermediaries', () => {
+      const obj = { name: 'Alice', child: { name: 'Bob' } };
+      // @ts-ignore
+      obj.child.identity = { self: obj.child };
+      expect(serialize(obj)).toEqual(
+        JSON.stringify({
+          name: 'Alice',
+          child: { name: 'Bob', identity: { self: '[Circular ~.child]' } },
+        }),
+      );
+    });
+
+    test('circular objects in an array', () => {
+      const obj = { name: 'Alice' };
+      // @ts-ignore
+      obj.self = [obj, obj];
+      expect(serialize(obj)).toEqual(
+        JSON.stringify({
+          name: 'Alice',
+          self: ['[Circular ~]', '[Circular ~]'],
+        }),
+      );
+    });
+
+    test('circular objects deeper in an array', () => {
+      const obj = {
+        name: 'Alice',
+        children: [{ name: 'Bob' }, { name: 'Eve' }],
+      };
+      // @ts-ignore
+      obj.children[0].self = obj.children[0];
+      // @ts-ignore
+      obj.children[1].self = obj.children[1];
+      expect(serialize(obj)).toEqual(
+        JSON.stringify({
+          name: 'Alice',
+          children: [
+            { name: 'Bob', self: '[Circular ~.children.0]' },
+            { name: 'Eve', self: '[Circular ~.children.1]' },
+          ],
+        }),
+      );
+    });
+
+    test('circular arrays', () => {
+      const obj: object[] = [];
+      obj.push(obj);
+      obj.push(obj);
+      expect(serialize(obj)).toEqual(JSON.stringify(['[Circular ~]', '[Circular ~]']));
+    });
+
+    test('circular arrays with intermediaries', () => {
+      const obj: object[] = [];
+      obj.push({ name: 'Alice', self: obj });
+      obj.push({ name: 'Bob', self: obj });
+      expect(serialize(obj)).toEqual(
+        JSON.stringify([{ name: 'Alice', self: '[Circular ~]' }, { name: 'Bob', self: '[Circular ~]' }]),
+      );
+    });
+
+    test('repeated objects in objects', () => {
+      const obj = {};
+      const alice = { name: 'Alice' };
+      // @ts-ignore
+      obj.alice1 = alice;
+      // @ts-ignore
+      obj.alice2 = alice;
+      expect(serialize(obj)).toEqual(
+        JSON.stringify({
+          alice1: { name: 'Alice' },
+          alice2: { name: 'Alice' },
+        }),
+      );
+    });
+
+    test('repeated objects in arrays', () => {
+      const alice = { name: 'Alice' };
+      const obj = [alice, alice];
+      expect(serialize(obj)).toEqual(JSON.stringify([{ name: 'Alice' }, { name: 'Alice' }]));
+    });
+  });
 });
 
 describe('deserialize()', () => {