fix: do not allow setting __proto__ in Message constructor (#2126)

When a properties object passed to Message constructor contains
__proto__, such as in

const properties = JSON.parse('{"__proto__": {"polluted": "yes"}}');
const message = new protobuf.Message(properties);

the resulting message object will have message.polluted defined
which is not intended.

Filter out __proto__ when iterating over the keys of the properties.

Author: alexander-fenster

src/message.js

@@ -13,8 +13,12 @@ var util = require("./util/minimal");
 function Message(properties) {
     // not used internally
     if (properties)
-        for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i)
-            this[keys[i]] = properties[keys[i]];
+        for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) {
+            var key = keys[i];
+            if (key === "__proto__")
+                continue;
+            this[key] = properties[key];
+        }
 }
 
 /**
@@ -136,4 +140,4 @@ Message.prototype.toJSON = function toJSON() {
     return this.$type.toObject(this, util.toJSONOptions);
 };
 
-/*eslint-enable valid-jsdoc*/
+/*eslint-enable valid-jsdoc*/