composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-26 20:18:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
lib/symfony/config/Definition/Dumper/YamlReferenceDumper.php
View File

@@ -18,7 +18,6 @@ use Symfony\Component\Config\Definition\EnumNode;
use Symfony\Component\Config\Definition\NodeInterface;
use Symfony\Component\Config\Definition\PrototypedArrayNode;
use Symfony\Component\Config\Definition\ScalarNode;
use Symfony\Component\Config\Definition\VariableNode;
use Symfony\Component\Yaml\Inline;
/**
@@ -80,7 +79,7 @@ class YamlReferenceDumper
return $ref;
}
private function writeNode(NodeInterface $node, NodeInterface $parentNode = null, int $depth = 0, bool $prototypedArray = false): void
private function writeNode(NodeInterface $node, ?NodeInterface $parentNode = null, int $depth = 0, bool $prototypedArray = false): void
{
$comments = [];
$default = '';
@@ -99,19 +98,12 @@ class YamlReferenceDumper
$children = $this->getPrototypeChildren($node);
}
if (!$children) {
if ($node->hasDefaultValue() && \count($defaultArray = $node->getDefaultValue())) {
$default = '';
} elseif (!\is_array($example)) {
$default = '[]';
}
if (!$children && !($node->hasDefaultValue() && \count($defaultArray = $node->getDefaultValue()))) {
$default = '[]';
}
} elseif ($node instanceof EnumNode) {
$comments[] = 'One of '.$node->getPermissibleValues('; ');
$default = $node->hasDefaultValue() ? Inline::dump($node->getDefaultValue()) : '~';
} elseif (VariableNode::class === $node::class && \is_array($example)) {
// If there is an array example, we are sure we dont need to print a default value
$default = '';
} else {
$default = '~';
@@ -179,7 +171,7 @@ class YamlReferenceDumper
$this->writeLine('# '.$message.':', $depth * 4 + 4);
$this->writeArray(array_map(Inline::dump(...), $example), $depth + 1);
$this->writeArray(array_map(Inline::dump(...), $example), $depth + 1, true);
}
if ($children) {
@@ -200,7 +192,7 @@ class YamlReferenceDumper
$this->reference .= sprintf($format, $text)."\n";
}
private function writeArray(array $array, int $depth): void
private function writeArray(array $array, int $depth, bool $asComment = false): void
{
$isIndexed = array_is_list($array);
@@ -211,14 +203,16 @@ class YamlReferenceDumper
$val = $value;
}
$prefix = $asComment ? '# ' : '';
if ($isIndexed) {
$this->writeLine('- '.$val, $depth * 4);
$this->writeLine($prefix.'- '.$val, $depth * 4);
} else {
$this->writeLine(sprintf('%-20s %s', $key.':', $val), $depth * 4);
$this->writeLine(sprintf('%s%-20s %s', $prefix, $key.':', $val), $depth * 4);
}
if (\is_array($value)) {
$this->writeArray($value, $depth + 1);
$this->writeArray($value, $depth + 1, $asComment);
}
}
}