fix(condition): used isolated vms for condition block RCE (#2432)

* fix(condition): used isolated vms for condition block RCE * ack PR comment * one more * remove inputForm from sched, update loop condition to also use isolated vm * hide servicenow
2026-04-28 03:00:29 -04:00 · 2025-12-17 15:29:25 -08:00
parent 7b5405e968
commit c4a6d11cc0
7 changed files with 154 additions and 64 deletions
--- a/apps/sim/executor/orchestrators/loop.ts
+++ b/apps/sim/executor/orchestrators/loop.ts
@@ -1,3 +1,5 @@
+import { generateRequestId } from '@/lib/core/utils/request'
+import { executeInIsolatedVM } from '@/lib/execution/isolated-vm'
 import { createLogger } from '@/lib/logs/console/logger'
 import { buildLoopIndexCondition, DEFAULTS, EDGE } from '@/executor/constants'
 import type { DAG } from '@/executor/dag/builder'
@@ -17,6 +19,8 @@ import type { SerializedLoop } from '@/serializer/types'

 const logger = createLogger('LoopOrchestrator')

+const LOOP_CONDITION_TIMEOUT_MS = 5000
+
 export type LoopRoute = typeof EDGE.LOOP_CONTINUE | typeof EDGE.LOOP_EXIT

 export interface LoopContinuationResult {
@@ -112,7 +116,10 @@ export class LoopOrchestrator {
    scope.currentIterationOutputs.set(baseId, output)
  }

-  evaluateLoopContinuation(ctx: ExecutionContext, loopId: string): LoopContinuationResult {
+  async evaluateLoopContinuation(
+    ctx: ExecutionContext,
+    loopId: string
+  ): Promise<LoopContinuationResult> {
    const scope = ctx.loopExecutions?.get(loopId)
    if (!scope) {
      logger.error('Loop scope not found during continuation evaluation', { loopId })
@@ -123,7 +130,6 @@ export class LoopOrchestrator {
      }
    }

-    // Check for cancellation
    if (ctx.isCancelled) {
      logger.info('Loop execution cancelled', { loopId, iteration: scope.iteration })
      return this.createExitResult(ctx, loopId, scope)
@@ -140,7 +146,7 @@ export class LoopOrchestrator {

    scope.currentIterationOutputs.clear()

-    if (!this.evaluateCondition(ctx, scope, scope.iteration + 1)) {
+    if (!(await this.evaluateCondition(ctx, scope, scope.iteration + 1))) {
      return this.createExitResult(ctx, loopId, scope)
    }

@@ -173,7 +179,11 @@ export class LoopOrchestrator {
    }
  }

-  private evaluateCondition(ctx: ExecutionContext, scope: LoopScope, iteration?: number): boolean {
+  private async evaluateCondition(
+    ctx: ExecutionContext,
+    scope: LoopScope,
+    iteration?: number
+  ): Promise<boolean> {
    if (!scope.condition) {
      logger.warn('No condition defined for loop')
      return false
@@ -184,7 +194,7 @@ export class LoopOrchestrator {
      scope.iteration = iteration
    }

-    const result = this.evaluateWhileCondition(ctx, scope.condition, scope)
+    const result = await this.evaluateWhileCondition(ctx, scope.condition, scope)

    if (iteration !== undefined) {
      scope.iteration = currentIteration
@@ -223,7 +233,6 @@ export class LoopOrchestrator {
    const loopNodes = loopConfig.nodes
    const allLoopNodeIds = new Set([sentinelStartId, sentinelEndId, ...loopNodes])

-    // Clear deactivated edges for loop nodes so error/success edges can be re-evaluated
    if (this.edgeManager) {
      this.edgeManager.clearDeactivatedEdgesForNodes(allLoopNodeIds)
    }
@@ -263,7 +272,7 @@ export class LoopOrchestrator {
   *
   * @returns true if the loop should execute, false if it should be skipped
   */
-  evaluateInitialCondition(ctx: ExecutionContext, loopId: string): boolean {
+  async evaluateInitialCondition(ctx: ExecutionContext, loopId: string): Promise<boolean> {
    const scope = ctx.loopExecutions?.get(loopId)
    if (!scope) {
      logger.warn('Loop scope not found for initial condition evaluation', { loopId })
@@ -300,7 +309,7 @@ export class LoopOrchestrator {
        return false
      }

-      const result = this.evaluateWhileCondition(ctx, scope.condition, scope)
+      const result = await this.evaluateWhileCondition(ctx, scope.condition, scope)
      logger.info('While loop initial condition evaluation', {
        loopId,
        condition: scope.condition,
@@ -327,11 +336,11 @@ export class LoopOrchestrator {
    return undefined
  }

-  private evaluateWhileCondition(
+  private async evaluateWhileCondition(
    ctx: ExecutionContext,
    condition: string,
    scope: LoopScope
-  ): boolean {
+  ): Promise<boolean> {
    if (!condition) {
      return false
    }
@@ -343,7 +352,6 @@ export class LoopOrchestrator {
        workflowVariables: ctx.workflowVariables,
      })

-      // Use generic utility for smart variable reference replacement
      const evaluatedCondition = replaceValidReferences(condition, (match) => {
        const resolved = this.resolver.resolveSingleReference(ctx, '', match, scope)
        logger.info('Resolved variable reference in loop condition', {
@@ -352,11 +360,9 @@ export class LoopOrchestrator {
          resolvedType: typeof resolved,
        })
        if (resolved !== undefined) {
-          // For booleans and numbers, return as-is (no quotes)
          if (typeof resolved === 'boolean' || typeof resolved === 'number') {
            return String(resolved)
          }
-          // For strings that represent booleans, return without quotes
          if (typeof resolved === 'string') {
            const lower = resolved.toLowerCase().trim()
            if (lower === 'true' || lower === 'false') {
@@ -364,13 +370,33 @@ export class LoopOrchestrator {
            }
            return `"${resolved}"`
          }
-          // For other types, stringify them
          return JSON.stringify(resolved)
        }
        return match
      })

-      const result = Boolean(new Function(`return (${evaluatedCondition})`)())
+      const requestId = generateRequestId()
+      const code = `return Boolean(${evaluatedCondition})`
+
+      const vmResult = await executeInIsolatedVM({
+        code,
+        params: {},
+        envVars: {},
+        contextVariables: {},
+        timeoutMs: LOOP_CONDITION_TIMEOUT_MS,
+        requestId,
+      })
+
+      if (vmResult.error) {
+        logger.error('Failed to evaluate loop condition', {
+          condition,
+          evaluatedCondition,
+          error: vmResult.error,
+        })
+        return false
+      }
+
+      const result = Boolean(vmResult.result)

      logger.info('Loop condition evaluation result', {
        originalCondition: condition,
--- a/apps/sim/executor/orchestrators/node.ts
+++ b/apps/sim/executor/orchestrators/node.ts
@@ -68,7 +68,7 @@ export class NodeExecutionOrchestrator {
    }

    if (node.metadata.isSentinel) {
-      const output = this.handleSentinel(ctx, node)
+      const output = await this.handleSentinel(ctx, node)
      const isFinalOutput = node.outgoingEdges.size === 0
      return {
        nodeId,
@@ -86,14 +86,17 @@ export class NodeExecutionOrchestrator {
    }
  }

-  private handleSentinel(ctx: ExecutionContext, node: DAGNode): NormalizedBlockOutput {
+  private async handleSentinel(
+    ctx: ExecutionContext,
+    node: DAGNode
+  ): Promise<NormalizedBlockOutput> {
    const sentinelType = node.metadata.sentinelType
    const loopId = node.metadata.loopId

    switch (sentinelType) {
      case 'start': {
        if (loopId) {
-          const shouldExecute = this.loopOrchestrator.evaluateInitialCondition(ctx, loopId)
+          const shouldExecute = await this.loopOrchestrator.evaluateInitialCondition(ctx, loopId)
          if (!shouldExecute) {
            logger.info('While loop initial condition false, skipping loop body', { loopId })
            return {
@@ -112,7 +115,7 @@ export class NodeExecutionOrchestrator {
          return { shouldExit: true, selectedRoute: EDGE.LOOP_EXIT }
        }

-        const continuationResult = this.loopOrchestrator.evaluateLoopContinuation(ctx, loopId)
+        const continuationResult = await this.loopOrchestrator.evaluateLoopContinuation(ctx, loopId)

        if (continuationResult.shouldContinue) {
          return {