Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array #33814

Merged
merged 1 commit into from Oct 2, 2019

Conversation

@mynameisbogdan
Copy link
Contributor

commented Oct 2, 2019

[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array

Q A
Branch? 4.3
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix #33769
License MIT

If $_SESSION['_sf2_attributes'] is set to a string, SessionBagProxy::initialize will throw an error since it's argument is type-hinted as array. So this change is to check before if the data to be passed is truly an array.

Copy link
Member

left a comment

(merging on 3.4)

@nicolas-grekas nicolas-grekas changed the base branch from 4.3 to 3.4 Oct 2, 2019
@nicolas-grekas

This comment has been minimized.

Copy link
Member

commented Oct 2, 2019

Thank you @mynameisbogdan.

nicolas-grekas added a commit that referenced this pull request Oct 2, 2019
…initialize is an array (mynameisbogdan)

This PR was submitted for the 4.3 branch but it was merged into the 3.4 branch instead (closes #33814).

Discussion
----------

[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array

[HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array

| Q             | A
| ------------- | ---
| Branch?       | 4.3
| Bug fix?      | yes
| New feature?  | no <!-- please update src/**/CHANGELOG.md files -->
| Deprecations? | no <!-- please update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tickets       | Fix #33769 <!-- prefix each issue number with "Fix #", if any -->
| License       | MIT
<!--
Replace this notice by a short README for your feature/bugfix. This will help people
understand your PR and can be used as a start for the documentation.

Additionally (see https://symfony.com/roadmap):
 - Always add tests and ensure they pass.
 - Never break backward compatibility (see https://symfony.com/bc).
 - Bug fixes must be submitted against the lowest maintained branch where they apply
   (lowest branches are regularly merged to upper ones so they get the fixes too.)
 - Features and deprecations must be submitted against branch 4.4.
 - Legacy code removals go to the master branch.
-->

If `$_SESSION['_sf2_attributes']` is set to a string, `SessionBagProxy::initialize` will throw an error since it's argument is type-hinted as array. So this change is to check before if the data to be passed is truly an array.

Commits
-------

38782bc [HttpFoundation] Check if data passed to SessionBagProxy::initialize is an array
@nicolas-grekas nicolas-grekas merged commit 38782bc into symfony:3.4 Oct 2, 2019
1 of 2 checks passed
1 of 2 checks passed
continuous-integration/travis-ci/pr The Travis CI build is in progress
Details
fabbot.io Your code looks good.
Details
This was referenced Oct 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.