N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Upgrade all Symfony components to the latest security fix release (~6.4.0)
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions


@@ -95,7 +95,7 @@ class SymfonyRuntime extends GenericRuntime
if (isset($options['env'])) {
$_SERVER[$envKey] = $options['env'];
} elseif (isset($_SERVER['argv']) && class_exists(ArgvInput::class)) {
} elseif (empty($_GET) && isset($_SERVER['argv']) && class_exists(ArgvInput::class)) {
$this->options = $options;
$this->getInput();
}
@@ -144,7 +144,11 @@ class SymfonyRuntime extends GenericRuntime
if (!$application->getName() || !$console->has($application->getName())) {
$application->setName($_SERVER['argv'][0]);
$console->add($application);
if (method_exists($console, 'addCommand')) {
$console->addCommand($application);
} else {
$console->add($application);
}
}
$console->setDefaultCommand($application->getName(), true);
@@ -203,6 +207,10 @@ class SymfonyRuntime extends GenericRuntime
private function getInput(): ArgvInput
{
if (!empty($_GET) && filter_var(ini_get('register_argc_argv'), \FILTER_VALIDATE_BOOL)) {
throw new \Exception('CLI applications cannot be run safely on non-CLI SAPIs with register_argc_argv=On.');
}
if (isset($this->input)) {
return $this->input;
}
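Review bot: Both new guards, `empty($_GET)` in the constructor's `elseif` and `!empty($_GET)` at the top of `getInput()`, infer "this is a web request" from the contents of a superglobal rather than from the SAPI, so they hold only while nothing has emptied or replaced `$_GET` before the runtime is built. A check that does not depend on request data, for example `\in_array(\PHP_SAPI, ['cli', 'phpdbg', 'embed'], true)`, would be sturdier. The guard also throws a bare `\Exception`; `throw new \RuntimeException(...)` would let callers tell this configuration error apart and is still caught by existing `\Exception` handlers. This appears to be the upstream Symfony runtime class, so any code change belongs upstream; on the deployment side, setting `register_argc_argv=Off` for web SAPIs removes the condition the guard tests for. The constructor and `getInput()` bodies both extend outside the hunks shown.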