Permalink
Browse files

minor #27795 [Security/Http] report file+line of unserialization erro…

…rs in Firewall/ContextListener (nicolas-grekas)

This PR was merged into the 4.2-dev branch.

Discussion
----------

[Security/Http] report file+line of unserialization errors in Firewall/ContextListener

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

Commits
-------

9adb0c7 [Security/Http] report file+line of unserialization errors in Firewall/ContextListener
  • Loading branch information...
fabpot committed Jul 3, 2018
2 parents 9efa555 + 9adb0c7 commit 9da045469eddfd79e57eced772e06274ee4e452a
Showing with 3 additions and 3 deletions.
  1. +3 −3 src/Symfony/Component/Security/Http/Firewall/ContextListener.php
@@ -218,7 +218,7 @@ private function safelyUnserialize($serializedToken)
$prevUnserializeHandler = ini_set('unserialize_callback_func', __CLASS__.'::handleUnserializeCallback');
$prevErrorHandler = set_error_handler(function ($type, $msg, $file, $line, $context = array()) use (&$prevErrorHandler) {
if (__FILE__ === $file) {
throw new \UnexpectedValueException($msg, 0x37313bc);
throw new \ErrorException($msg, 0x37313bc, $type, $file, $line);
}
return $prevErrorHandler ? $prevErrorHandler($type, $msg, $file, $line, $context) : false;
@@ -231,7 +231,7 @@ private function safelyUnserialize($serializedToken)
restore_error_handler();
ini_set('unserialize_callback_func', $prevUnserializeHandler);
if ($e) {
if (!$e instanceof \UnexpectedValueException || 0x37313bc !== $e->getCode()) {
if (!$e instanceof \ErrorException || 0x37313bc !== $e->getCode()) {
throw $e;
}
if ($this->logger) {
@@ -247,6 +247,6 @@ private function safelyUnserialize($serializedToken)
*/
public static function handleUnserializeCallback($class)
{
throw new \UnexpectedValueException('Class not found: '.$class, 0x37313bc);
throw new \ErrorException('Class not found: '.$class, 0x37313bc);
}
}

0 comments on commit 9da0454

Please sign in to comment.