composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-20 07:42:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°9379 - PHP unserialze function - security hardening

Browse Source 
- code review
This commit is contained in:
Benjamin DALSASS
2026-04-13 08:56:30 +02:00
parent 9be12a5ab4
commit 9ba8ba3ad9
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
application/utils.inc.php
View File

@@ -3256,14 +3256,14 @@ TXT
/** /**
* PHP unserialize encapsulation, allow throwing exception when not allowed object class is detected (for security hardening) * PHP unserialize encapsulation, allow throwing exception when not allowed object class is detected (for security hardening)
* *
* @param mixed $data data to unserialize * @param string $data data to unserialize
* @param array $aOptions PHP @unserialise options * @param array $aOptions PHP @unserialise options
* @param bool $bThrowNotAllowedObjectClassException flag to throw exception * @param bool $bThrowNotAllowedObjectClassException flag to throw exception
* *
* @return mixed PHP @unserialise return * @return mixed PHP @unserialise return
* @throws Exception * @throws Exception
*/ */
public static function Unserialize(mixed $data, array $aOptions = ['allowed_classes' => false], bool $bThrowNotAllowedObjectClassException = true): mixed public static function Unserialize(string $data, array $aOptions = ['allowed_classes' => false], bool $bThrowNotAllowedObjectClassException = true): mixed
{ {
$data = unserialize($data, $aOptions); $data = unserialize($data, $aOptions);