composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-25 11:38:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
lib/symfony/twig-bridge/NodeVisitor/TranslationDefaultDomainNodeVisitor.php
View File

@@ -15,20 +15,24 @@ use Symfony\Bridge\Twig\Node\TransDefaultDomainNode;
use Symfony\Bridge\Twig\Node\TransNode;
use Twig\Environment;
use Twig\Node\BlockNode;
use Twig\Node\EmptyNode;
use Twig\Node\Expression\ArrayExpression;
use Twig\Node\Expression\AssignNameExpression;
use Twig\Node\Expression\ConstantExpression;
use Twig\Node\Expression\FilterExpression;
use Twig\Node\Expression\NameExpression;
use Twig\Node\Expression\Variable\AssignContextVariable;
use Twig\Node\Expression\Variable\ContextVariable;
use Twig\Node\ModuleNode;
use Twig\Node\Node;
use Twig\Node\Nodes;
use Twig\Node\SetNode;
use Twig\NodeVisitor\AbstractNodeVisitor;
use Twig\NodeVisitor\NodeVisitorInterface;
/**
* @author Fabien Potencier <fabien@symfony.com>
*/
final class TranslationDefaultDomainNodeVisitor extends AbstractNodeVisitor
final class TranslationDefaultDomainNodeVisitor implements NodeVisitorInterface
{
private Scope $scope;
@@ -37,7 +41,7 @@ final class TranslationDefaultDomainNodeVisitor extends AbstractNodeVisitor
$this->scope = new Scope();
}
protected function doEnterNode(Node $node, Environment $env): Node
public function enterNode(Node $node, Environment $env): Node
{
if ($node instanceof BlockNode || $node instanceof ModuleNode) {
$this->scope = $this->scope->enter();
@@ -50,10 +54,14 @@ final class TranslationDefaultDomainNodeVisitor extends AbstractNodeVisitor
return $node;
} else {
$var = $this->getVarName();
$name = new AssignNameExpression($var, $node->getTemplateLine());
$this->scope->set('domain', new NameExpression($var, $node->getTemplateLine()));
$name = class_exists(AssignContextVariable::class) ? new AssignContextVariable($var, $node->getTemplateLine()) : new AssignNameExpression($var, $node->getTemplateLine());
$this->scope->set('domain', class_exists(ContextVariable::class) ? new ContextVariable($var, $node->getTemplateLine()) : new NameExpression($var, $node->getTemplateLine()));
return new SetNode(false, new Node([$name]), new Node([$node->getNode('expr')]), $node->getTemplateLine());
if (class_exists(Nodes::class)) {
return new SetNode(false, new Nodes([$name]), new Nodes([$node->getNode('expr')]), $node->getTemplateLine());
} else {
return new SetNode(false, new Node([$name]), new Node([$node->getNode('expr')]), $node->getTemplateLine());
}
}
}
@@ -61,8 +69,14 @@ final class TranslationDefaultDomainNodeVisitor extends AbstractNodeVisitor
return $node;
}
if ($node instanceof FilterExpression && 'trans' === $node->getNode('filter')->getAttribute('value')) {
if ($node instanceof FilterExpression && 'trans' === ($node->hasAttribute('twig_callable') ? $node->getAttribute('twig_callable')->getName() : $node->getNode('filter')->getAttribute('value'))) {
$arguments = $node->getNode('arguments');
if ($arguments instanceof EmptyNode) {
$arguments = new Nodes();
$node->setNode('arguments', $arguments);
}
if ($this->isNamedArguments($arguments)) {
if (!$arguments->hasNode('domain') && !$arguments->hasNode(1)) {
$arguments->setNode('domain', $this->scope->get('domain'));
@@ -83,7 +97,7 @@ final class TranslationDefaultDomainNodeVisitor extends AbstractNodeVisitor
return $node;
}
protected function doLeaveNode(Node $node, Environment $env): ?Node
public function leaveNode(Node $node, Environment $env): ?Node
{
if ($node instanceof TransDefaultDomainNode) {
return null;