composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-25 11:38:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/symfony/dependency-injection/Compiler/AbstractRecursivePass.php
View File

@@ -82,7 +82,7 @@ abstract class AbstractRecursivePass implements CompilerPassInterface
continue;
}
if ($isRoot) {
if ($v->hasTag('container.excluded')) {
if ($v instanceof Definition && $v->hasTag('container.excluded')) {
continue;
}
$this->currentId = $k;
@@ -219,6 +219,10 @@ abstract class AbstractRecursivePass implements CompilerPassInterface
return new \ReflectionMethod(static function (...$arguments) {}, '__invoke');
}
if ($r->hasMethod('__callStatic') && ($r = $r->getMethod('__callStatic')) && $r->isPublic()) {
return new \ReflectionMethod(static function (...$arguments) {}, '__invoke');
}
throw new RuntimeException(sprintf('Invalid service "%s": method "%s()" does not exist.', $this->currentId, $class !== $this->currentId ? $class.'::'.$method : $method));
}