Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix partial output leak when a PHP fatal error occurs #2995

Merged
merged 1 commit into from May 3, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG
@@ -1,5 +1,6 @@
* 1.40.2 (2019-XX-XX)

* fixed partial output leak when a PHP fatal error occurs
* optimized context access on PHP 7.4

* 1.40.1 (2019-04-29)
Expand Down
2 changes: 1 addition & 1 deletion src/Extension/DebugExtension.php
Expand Up @@ -54,7 +54,7 @@ function twig_var_dump(Environment $env, $context, array $vars = [])
return;
}

ob_start();
ob_start(function () { return ''; });

if (!$vars) {
$vars = [];
Expand Down
2 changes: 1 addition & 1 deletion src/Node/MacroNode.php
Expand Up @@ -104,7 +104,7 @@ public function compile(Compiler $compiler)
->outdent()
->write("]);\n\n")
->write("\$blocks = [];\n\n")
->write("ob_start();\n")
->write("ob_start(function () { return ''; });\n")
->write("try {\n")
->indent()
->subcompile($this->getNode('body'))
Expand Down
2 changes: 1 addition & 1 deletion src/Node/SetNode.php
Expand Up @@ -58,7 +58,7 @@ public function compile(Compiler $compiler)
} else {
if ($this->getAttribute('capture')) {
$compiler
->write("ob_start();\n")
->write("ob_start(function () { return ''; });\n")
->subcompile($this->getNode('values'))
;
}
Expand Down
2 changes: 1 addition & 1 deletion src/Node/SpacelessNode.php
Expand Up @@ -31,7 +31,7 @@ public function compile(Compiler $compiler)
{
$compiler
->addDebugInfo($this)
->write("ob_start();\n")
->write("ob_start(function () { return ''; });\n")
->subcompile($this->getNode('body'))
->write("echo trim(preg_replace('/>\s+</', '><', ob_get_clean()));\n")
;
Expand Down
6 changes: 3 additions & 3 deletions src/Template.php
Expand Up @@ -253,7 +253,7 @@ public function displayBlock($name, array $context, array $blocks = [], $useBloc
*/
public function renderParentBlock($name, array $context, array $blocks = [])
{
ob_start();
ob_start(function () { return ''; });
$this->displayParentBlock($name, $context, $blocks);

return ob_get_clean();
Expand All @@ -274,7 +274,7 @@ public function renderParentBlock($name, array $context, array $blocks = [])
*/
public function renderBlock($name, array $context, array $blocks = [], $useBlocks = true)
{
ob_start();
ob_start(function () { return ''; });
$this->displayBlock($name, $context, $blocks, $useBlocks);

return ob_get_clean();
Expand Down Expand Up @@ -417,7 +417,7 @@ public function display(array $context, array $blocks = [])
public function render(array $context)
{
$level = ob_get_level();
ob_start();
ob_start(function () { return ''; });
try {
$this->display($context);
} catch (\Exception $e) {
Expand Down
2 changes: 1 addition & 1 deletion src/TemplateWrapper.php
Expand Up @@ -96,7 +96,7 @@ public function renderBlock($name, $context = [])
{
$context = $this->env->mergeGlobals($context);
$level = ob_get_level();
ob_start();
ob_start(function () { return ''; });
try {
$this->template->displayBlock($name, $context);
} catch (\Exception $e) {
Expand Down
2 changes: 1 addition & 1 deletion test/Twig/Tests/Node/MacroTest.php
Expand Up @@ -59,7 +59,7 @@ public function getfoo(\$__foo__ = null, \$__bar__ = "Foo"$declaration)

\$blocks = [];

ob_start();
ob_start(function () { return ''; });
try {
echo "foo";
} catch (\Exception \$e) {
Expand Down
2 changes: 1 addition & 1 deletion test/Twig/Tests/Node/SetTest.php
Expand Up @@ -49,7 +49,7 @@ public function getTests()
$node = new SetNode(true, $names, $values, 1);
$tests[] = [$node, <<<EOF
// line 1
ob_start();
ob_start(function () { return ''; });
echo "foo";
\$context["foo"] = ('' === \$tmp = ob_get_clean()) ? '' : new Markup(\$tmp, \$this->env->getCharset());
EOF
Expand Down
2 changes: 1 addition & 1 deletion test/Twig/Tests/Node/SpacelessTest.php
Expand Up @@ -32,7 +32,7 @@ public function getTests()
return [
[$node, <<<EOF
// line 1
ob_start();
ob_start(function () { return ''; });
echo "<div> <div> foo </div> </div>";
echo trim(preg_replace('/>\s+</', '><', ob_get_clean()));
EOF
Expand Down