From 255455430a9363b5b7862e8729d870533e34826c Mon Sep 17 00:00:00 2001
From: Nicolas Grekas
Date: Mon, 3 Sep 2018 16:40:22 +0200
Subject: [PATCH] [HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
---
 src/Symfony/Bundle/FrameworkBundle/Client.php | 20 +++++++++----------
 src/Symfony/Component/HttpKernel/Client.php | 16 +++++++--------
 2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/src/Symfony/Bundle/FrameworkBundle/Client.php b/src/Symfony/Bundle/FrameworkBundle/Client.php
index 6cd0832b13cd..d8c7380d18e8 100644
--- a/src/Symfony/Bundle/FrameworkBundle/Client.php
+++ b/src/Symfony/Bundle/FrameworkBundle/Client.php
@@ -161,19 +161,19 @@ protected function doRequestInProcess($request)
 */
 protected function getScript($request)
 {
- $kernel = str_replace("'", "\\'", serialize($this->kernel));
- $request = str_replace("'", "\\'", serialize($request));
+ $kernel = var_export(serialize($this->kernel), true);
+ $request = var_export(serialize($request), true);
 $r = new \ReflectionObject($this->kernel);
 $autoloader = \dirname($r->getFileName()).'/autoload.php';
 if (is_file($autoloader)) {
- $autoloader = str_replace("'", "\\'", $autoloader);
+ $autoloader = var_export($autoloader, true);
 } else {
- $autoloader = '';
+ $autoloader = 'false';
 }
- $path = str_replace("'", "\\'", $r->getFileName());
+ $path = var_export($r->getFileName(), true);
 $profilerCode = '';
 if ($this->profiler) {
@@ -187,16 +187,16 @@ protected function getScript($request)
 error_reporting($errorReporting);
-if ('$autoloader') {
- require_once '$autoloader';
+if ($autoloader) {
+ require_once $autoloader;
 }
-require_once '$path';
+require_once $path;
-\$kernel = unserialize('$kernel');
+\$kernel = unserialize($kernel);
 \$kernel->boot();
 $profilerCode
-\$request = unserialize('$request');
+\$request = unserialize($request);
 EOF;
 return $code.$this->getHandleScript();
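Review bot: The variables assigned at the top of getScript() now hold complete PHP literals rather than escaped string contents, and `$autoloader = 'false';` is a hand-written source fragment sitting next to `var_export()` output, which is easy to misread as the string "false". I would write it as `$autoloader = var_export(false, true);` and add a comment above the first assignment, for example `// var_export() emits a full PHP literal (quotes, backslashes and NUL bytes handled); the template must interpolate these unquoted`. The same comment fits the parallel getScript() in src/Symfony/Component/HttpKernel/Client.php. Without it, a later edit that re-adds quotes in the heredoc or goes back to quote-only escaping would produce malformed child scripts again. The function body continues past this hunk.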
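Review bot: Nothing in this patch pins the behaviour of the now-unquoted `unserialize($kernel)` and `unserialize($request)` lines; the diffstat lists only the two Client.php files. A regression test that builds the script for a request whose data contains backslashes and single quotes, then checks that the generated code parses (`php -l`) and round-trips the request, would keep the escaping from regressing. The same applies to the HttpKernel client. Separately, when no autoload.php is found the template now emits `if (false) { require_once false; }`, which is harmless but could be avoided by emitting the `require_once` block only when `is_file()` succeeded. The heredoc starts outside this hunk.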
diff --git a/src/Symfony/Component/HttpKernel/Client.php b/src/Symfony/Component/HttpKernel/Client.php index 49f0e4c16943..2175b567a76d 100644 --- a/src/Symfony/Component/HttpKernel/Client.php +++ b/src/Symfony/Component/HttpKernel/Client.php @@ -71,12 +71,12 @@ protected function doRequest($request) */ protected function getScript($request) { - $kernel = str_replace("'", "\\'", serialize($this->kernel)); - $request = str_replace("'", "\\'", serialize($request)); + $kernel = var_export(serialize($this->kernel), true); + $request = var_export(serialize($request), true); $r = new \ReflectionClass('\\Symfony\\Component\\ClassLoader\\ClassLoader'); - $requirePath = str_replace("'", "\\'", $r->getFileName()); - $symfonyPath = str_replace("'", "\\'", \dirname(\dirname(\dirname(__DIR__)))); + $requirePath = var_export($r->getFileName(), true); + $symfonyPath = var_export(\dirname(\dirname(\dirname(__DIR__))), true); $errorReporting = error_reporting(); $code = <<addPrefix('Symfony', '$symfonyPath'); +\$loader->addPrefix('Symfony', $symfonyPath); \$loader->register(); -\$kernel = unserialize('$kernel'); -\$request = unserialize('$request'); +\$kernel = unserialize($kernel); +\$request = unserialize($request); EOF; return $code.$this->getHandleScript();