
Commit 30be077

committed
fixed sandbox security issue
1 parent 7b6c0e9 commit 30be077


2 files changed

+14
-0
lines changed


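--- a/lib/Twig/Template.php
+++ b/lib/Twig/Template.php
@@ -154,6 +154,11 @@ public function displayBlock($name, array $context, array $blocks = array(), $us
 }
 
 if (null !== $template) {
+// avoid RCEs when sandbox is enabled
+if (!$template instanceof Twig_Template) {
+throw new \LogicException('A block must be a method on a Twig_Template instance.');
+}
+
 try {
 $template->$block($context, $blocks);
 } catch (Twig_Error $e) {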
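Review bot: The added `instanceof` guard constrains the type of `$template` but not the method name, so `$template->$block($context, $blocks)` can still dispatch to any method of a `Twig_Template` instance rather than only to block methods. How `$template` and `$block` are taken from `$blocks` is decided above the hunk, so this is inferred from the call alone. If block entries can be influenced by sandboxed template input, the same condition could also require a block method, for example `if (!$template instanceof Twig_Template || 0 !== strpos($block, 'block_')) {` (assuming compiled block methods keep the `block_` prefix). The comment would help the next maintainer more if it named the reason, e.g. `// $blocks entries are (object, method) pairs; dispatch only to Twig_Template instances so sandboxed templates cannot reach other objects`. The body of displayBlock starts and ends outside the hunk.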

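--- a/test/Twig/Tests/TemplateTest.php
+++ b/test/Twig/Tests/TemplateTest.php
@@ -10,6 +10,15 @@
 */
 class Twig_Tests_TemplateTest extends PHPUnit_Framework_TestCase
 {
+/**
+* @expectedException LogicException
+*/
+public function testDisplayBlocksAcceptTemplateOnlyAsBlocks()
+{
+$template = $this->getMockForAbstractClass('Twig_Template', array(), '', false);
+$template->displayBlock('foo', array(), array('foo' => array(new stdClass(), 'foo')));
+}
+
 /**
 * @dataProvider getAttributeExceptions
 */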
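Review bot: The new test asserts only the exception class, so a `LogicException` raised anywhere else in `displayBlock` would satisfy it just as well as the new guard. Adding `* @expectedExceptionMessage A block must be a method on a Twig_Template instance.` to the docblock would pin the test to the sandbox check itself. Because this is a security regression test, a one-line docblock summary such as `* A block callable whose object is not a Twig_Template must be rejected before it is invoked.` would record why the case exists. A companion case that passes a pair whose object is a `Twig_Template` and expects no exception would show that the guard does not reject legitimate blocks.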
