composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-26 20:18:52 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/symfony/twig-bridge/Node/TransNode.php
View File

@@ -11,20 +11,24 @@
namespace Symfony\Bridge\Twig\Node;
use Twig\Attribute\FirstClassTwigCallableReady;
use Twig\Attribute\YieldReady;
use Twig\Compiler;
use Twig\Node\Expression\AbstractExpression;
use Twig\Node\Expression\ArrayExpression;
use Twig\Node\Expression\ConstantExpression;
use Twig\Node\Expression\NameExpression;
use Twig\Node\Expression\Variable\ContextVariable;
use Twig\Node\Node;
use Twig\Node\TextNode;
/**
* @author Fabien Potencier <fabien@symfony.com>
*/
#[YieldReady]
final class TransNode extends Node
{
public function __construct(Node $body, Node $domain = null, AbstractExpression $count = null, AbstractExpression $vars = null, AbstractExpression $locale = null, int $lineno = 0, string $tag = null)
public function __construct(Node $body, ?Node $domain = null, ?AbstractExpression $count = null, ?AbstractExpression $vars = null, ?AbstractExpression $locale = null, int $lineno = 0, ?string $tag = null)
{
$nodes = ['body' => $body];
if (null !== $domain) {
@@ -40,7 +44,11 @@ final class TransNode extends Node
$nodes['locale'] = $locale;
}
parent::__construct($nodes, [], $lineno, $tag);
if (class_exists(FirstClassTwigCallableReady::class)) {
parent::__construct($nodes, [], $lineno);
} else {
parent::__construct($nodes, [], $lineno, $tag);
}
}
public function compile(Compiler $compiler): void
@@ -53,9 +61,10 @@ final class TransNode extends Node
$vars = null;
}
[$msg, $defaults] = $this->compileString($this->getNode('body'), $defaults, (bool) $vars);
$display = class_exists(YieldReady::class) ? 'yield' : 'echo';
$compiler
->write('echo $this->env->getExtension(\'Symfony\Bridge\Twig\Extension\TranslationExtension\')->trans(')
->write($display.' $this->env->getExtension(\'Symfony\Bridge\Twig\Extension\TranslationExtension\')->trans(')
->subcompile($msg)
;
@@ -118,7 +127,7 @@ final class TransNode extends Node
if ('count' === $var && $this->hasNode('count')) {
$vars->addElement($this->getNode('count'), $key);
} else {
$varExpr = new NameExpression($var, $body->getTemplateLine());
$varExpr = class_exists(ContextVariable::class) ? new ContextVariable($var, $body->getTemplateLine()) : new NameExpression($var, $body->getTemplateLine());
$varExpr->setAttribute('ignore_strict_check', $ignoreStrictCheck);
$vars->addElement($varExpr, $key);
}