From 26c6ed3134ea7acdc6543d6f4890c320924f26a8 Mon Sep 17 00:00:00 2001
From: Davide Fiorello <davide@codeflyer.com>
Date: Thu, 4 Nov 2021 16:57:02 +0100
Subject: [PATCH] fix: verify request socket before access attributes (#3491)

---
 lib/request.js                 | 12 ++++++---
 test/internals/request.test.js | 47 ++++++++++++++++++++++++++++++++++
 2 files changed, 56 insertions(+), 3 deletions(-)

diff --git a/lib/request.js b/lib/request.js
index f6c94e2db8..9709a23cf9 100644
--- a/lib/request.js
+++ b/lib/request.js
@@ -102,7 +102,9 @@ function buildRequestWithTrustProxy (R, trustProxy) {
         if (this.headers['x-forwarded-proto']) {
           return getLastEntryInMultiHeaderValue(this.headers['x-forwarded-proto'])
         }
-        return this.socket.encrypted ? 'https' : 'http'
+        if (this.socket) {
+          return this.socket.encrypted ? 'https' : 'http'
+        }
       }
     }
   })
@@ -158,7 +160,9 @@ Object.defineProperties(Request.prototype, {
   },
   ip: {
     get () {
-      return this.socket.remoteAddress
+      if (this.socket) {
+        return this.socket.remoteAddress
+      }
     }
   },
   hostname: {
@@ -168,7 +172,9 @@ Object.defineProperties(Request.prototype, {
   },
   protocol: {
     get () {
-      return this.socket.encrypted ? 'https' : 'http'
+      if (this.socket) {
+        return this.socket.encrypted ? 'https' : 'http'
+      }
     }
   },
   headers: {
diff --git a/test/internals/request.test.js b/test/internals/request.test.js
index 644c044248..e7f3d01dce 100644
--- a/test/internals/request.test.js
+++ b/test/internals/request.test.js
@@ -213,3 +213,50 @@ test('Request with trust proxy - plain', t => {
   const request = new TpRequest('id', 'params', req, 'query', 'log')
   t.same(request.protocol, 'http')
 })
+
+test('Request with undefined socket', t => {
+  t.plan(15)
+  const headers = {
+    host: 'hostname'
+  }
+  const req = {
+    method: 'GET',
+    url: '/',
+    socket: undefined,
+    headers
+  }
+  const request = new Request('id', 'params', req, 'query', 'log')
+  t.type(request, Request)
+  t.equal(request.id, 'id')
+  t.equal(request.params, 'params')
+  t.same(request.raw, req)
+  t.equal(request.query, 'query')
+  t.equal(request.headers, headers)
+  t.equal(request.log, 'log')
+  t.equal(request.ip, undefined)
+  t.equal(request.ips, undefined)
+  t.equal(request.hostname, 'hostname')
+  t.equal(request.body, null)
+  t.equal(request.method, 'GET')
+  t.equal(request.url, '/')
+  t.equal(request.protocol, undefined)
+  t.same(request.socket, req.socket)
+})
+
+test('Request with trust proxy and undefined socket', t => {
+  t.plan(1)
+  const headers = {
+    'x-forwarded-for': '2.2.2.2, 1.1.1.1',
+    'x-forwarded-host': 'example.com'
+  }
+  const req = {
+    method: 'GET',
+    url: '/',
+    socket: undefined,
+    headers
+  }
+
+  const TpRequest = Request.buildRequest(Request, true)
+  const request = new TpRequest('id', 'params', req, 'query', 'log')
+  t.same(request.protocol, undefined)
+})