Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
bug #28344 [HttpKernel][FrameworkBundle] Fix escaping of serialized p…
…ayloads passed to test clients (nicolas-grekas)

This PR was merged into the 2.8 branch.

Discussion
----------

[HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients

| Q             | A
| ------------- | ---
| Branch?       | 2.8
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #28125
| License       | MIT
| Doc PR        | -

Commits
-------

2554554 [HttpKernel][FrameworkBundle] Fix escaping of serialized payloads passed to test clients
  • Loading branch information
fabpot committed Sep 4, 2018
2 parents b102e72 + 2554554 commit cf359c2
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 18 deletions.
20 changes: 10 additions & 10 deletions src/Symfony/Bundle/FrameworkBundle/Client.php
Expand Up @@ -161,19 +161,19 @@ protected function doRequestInProcess($request)
*/
protected function getScript($request)
{
$kernel = str_replace("'", "\\'", serialize($this->kernel));
$request = str_replace("'", "\\'", serialize($request));
$kernel = var_export(serialize($this->kernel), true);
$request = var_export(serialize($request), true);

$r = new \ReflectionObject($this->kernel);

$autoloader = \dirname($r->getFileName()).'/autoload.php';
if (is_file($autoloader)) {
$autoloader = str_replace("'", "\\'", $autoloader);
$autoloader = var_export($autoloader, true);
} else {
$autoloader = '';
$autoloader = 'false';
}

$path = str_replace("'", "\\'", $r->getFileName());
$path = var_export($r->getFileName(), true);

$profilerCode = '';
if ($this->profiler) {
Expand All @@ -187,16 +187,16 @@ protected function getScript($request)
error_reporting($errorReporting);
if ('$autoloader') {
require_once '$autoloader';
if ($autoloader) {
require_once $autoloader;
}
require_once '$path';
require_once $path;
\$kernel = unserialize('$kernel');
\$kernel = unserialize($kernel);
\$kernel->boot();
$profilerCode
\$request = unserialize('$request');
\$request = unserialize($request);
EOF;

return $code.$this->getHandleScript();
Expand Down
16 changes: 8 additions & 8 deletions src/Symfony/Component/HttpKernel/Client.php
Expand Up @@ -71,27 +71,27 @@ protected function doRequest($request)
*/
protected function getScript($request)
{
$kernel = str_replace("'", "\\'", serialize($this->kernel));
$request = str_replace("'", "\\'", serialize($request));
$kernel = var_export(serialize($this->kernel), true);
$request = var_export(serialize($request), true);

$r = new \ReflectionClass('\\Symfony\\Component\\ClassLoader\\ClassLoader');
$requirePath = str_replace("'", "\\'", $r->getFileName());
$symfonyPath = str_replace("'", "\\'", \dirname(\dirname(\dirname(__DIR__))));
$requirePath = var_export($r->getFileName(), true);
$symfonyPath = var_export(\dirname(\dirname(\dirname(__DIR__))), true);
$errorReporting = error_reporting();

$code = <<<EOF
<?php
error_reporting($errorReporting);
require_once '$requirePath';
require_once $requirePath;
\$loader = new Symfony\Component\ClassLoader\ClassLoader();
\$loader->addPrefix('Symfony', '$symfonyPath');
\$loader->addPrefix('Symfony', $symfonyPath);
\$loader->register();
\$kernel = unserialize('$kernel');
\$request = unserialize('$request');
\$kernel = unserialize($kernel);
\$request = unserialize($request);
EOF;

return $code.$this->getHandleScript();
Expand Down

0 comments on commit cf359c2

Please sign in to comment.