N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Upgrade all Symfony components to the latest security-fix release (~6.4.0)
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions


@@ -12,6 +12,7 @@
namespace Symfony\Bridge\Twig\Node;
use Twig\Compiler;
use Twig\Extension\CoreExtension;
use Twig\Node\Expression\ArrayExpression;
use Twig\Node\Expression\ConstantExpression;
use Twig\Node\Expression\FunctionExpression;
@@ -50,7 +51,7 @@ final class SearchAndRenderBlockNode extends FunctionExpression
$labelIsExpression = false;
// Only insert the label into the array if it is not empty
if (!twig_test_empty($label->getAttribute('value'))) {
if (null !== $label->getAttribute('value') && false !== $label->getAttribute('value') && '' !== (string) $label->getAttribute('value')) {
$originalVariables = $variables;
$variables = new ArrayExpression([], $lineno);
$labelKey = new ConstantExpression('label', $lineno);
@@ -97,7 +98,12 @@ final class SearchAndRenderBlockNode extends FunctionExpression
// Check at runtime whether the label is empty.
// If not, add it to the array at runtime.
$compiler->raw('(twig_test_empty($_label_ = ');
if (method_exists(CoreExtension::class, 'testEmpty')) {
$compiler->raw('(CoreExtension::testEmpty($_label_ = ');
} else {
$compiler->raw('(twig_test_empty($_label_ = ');
}
$compiler->subcompile($label);
$compiler->raw(') ? [] : ["label" => $_label_])');
}