MDL-75405 block_html: safer unserialize during old block conversion.

moodle · Sep 6, 2022 · 786a495 · 786a495
1 parent 323e272
commit 786a495
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/blocks/html/backup/moodle1/lib.php b/blocks/html/backup/moodle1/lib.php
@@ -36,15 +36,15 @@ protected function convert_configdata(array $olddata) {
         $contextid  = $this->converter->get_contextid(CONTEXT_BLOCK, $olddata['id']);
         $decodeddata = base64_decode($olddata['configdata']);
         list($updated, $configdata) = upgrade_fix_serialized_objects($decodeddata);
-        $configdata = unserialize($configdata);
+        $configdata = unserialize_object($configdata);
 
         // get a fresh new file manager for this instance
         $this->fileman = $this->converter->get_file_manager($contextid, 'block_html');
 
         // convert course files embedded in the block content
         $this->fileman->filearea = 'content';
         $this->fileman->itemid   = 0;
-        $configdata->text = moodle1_converter::migrate_referenced_files($configdata->text, $this->fileman);
+        $configdata->text = moodle1_converter::migrate_referenced_files($configdata->text ?? '', $this->fileman);
         $configdata->format = FORMAT_HTML;
 
         return base64_encode(serialize($configdata));