Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Safer inclusion of serialized string

  • Loading branch information...
commit c170916013dd95f4b21312a49869046c8f1a84ea 1 parent 2946360
@davedevelopment authored
View
4 library/Mutagenesis/Utility/Job.php
@@ -33,7 +33,7 @@ class Job
public function generate(array $mutation = array(), array $args = array(), $timeout = 60, $bootstrap = null)
{
$serializedArgs = addslashes(serialize($args));
- $serializedMutation = addslashes(serialize($mutation));
+ $serializedMutation = addcslashes(serialize($mutation), "'\\");
if (is_null($bootstrap)) {
$bootstrap = 'null';
} else {
@@ -51,7 +51,7 @@ class Job {
static function main () {
\Mutagenesis\Adapter\Phpunit::main(
"{$serializedArgs}",
- "{$serializedMutation}",
+ '{$serializedMutation}',
{$bootstrap}
);
}
View
15 tests/Mutagenesis/Utility/JobTest.php
@@ -27,7 +27,13 @@ class Mutagenesis_JobTest extends PHPUnit_Framework_TestCase
public function testGenerateReturnsPHPScriptRenderedWithCurrentRunnersSettingsAndSerialisedMutationArray()
{
$job = new \Mutagenesis\Utility\Job;
- $script = $job->generate(array('a', '1', new stdClass));
+ $source = '
+ $obj = new stdClass;
+ $obj->dave = function() {
+ return $dave = 123;
+ };
+ ';
+ $script = $job->generate(array('a', '1', $source));
$expected = <<<EXPECTED
<?php
namespace MutagenesisEnv;
@@ -40,7 +46,12 @@ class Job {
static function main () {
\Mutagenesis\Adapter\Phpunit::main(
"a:0:{}",
- "a:3:{i:0;s:1:\"a\";i:1;s:1:\"1\";i:2;O:8:\"stdClass\":0:{}}",
+ 'a:3:{i:0;s:1:"a";i:1;s:1:"1";i:2;s:115:"
+ \$obj = new stdClass;
+ \$obj->dave = function() {
+ return \$dave = 123;
+ };
+ ";}',
null
);
}
Please sign in to comment.
Something went wrong with that request. Please try again.