composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-23 10:38:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lib/symfony/http-kernel/DataCollector/DataCollector.php
View File

@@ -63,9 +63,21 @@ abstract class DataCollector implements DataCollectorInterface
$casters = [
'*' => function ($v, array $a, Stub $s, $isNested) {
if (!$v instanceof Stub) {
$b = $a;
foreach ($a as $k => $v) {
if (\is_object($v) && !$v instanceof \DateTimeInterface && !$v instanceof Stub) {
$a[$k] = new CutStub($v);
if (!\is_object($v) || $v instanceof \DateTimeInterface || $v instanceof Stub) {
continue;
}
try {
$a[$k] = $s = new CutStub($v);
if ($b[$k] === $s) {
// we've hit a non-typed reference
$a[$k] = $v;
}
} catch (\TypeError $e) {
// we've hit a typed reference
}
}
}