composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-30 22:18:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
lib/symfony/var-dumper/Caster/ReflectionCaster.php
View File

@@ -45,7 +45,7 @@ class ReflectionCaster
$a = static::castFunctionAbstract($c, $a, $stub, $isNested, $filter);
if (!str_contains($c->name, '{closure}')) {
if (!str_contains($c->name, '{closure')) {
$stub->class = isset($a[$prefix.'class']) ? $a[$prefix.'class']->value.'::'.$c->name : $c->name;
unset($a[$prefix.'class']);
}
@@ -89,13 +89,13 @@ class ReflectionCaster
// Cannot create ReflectionGenerator based on a terminated Generator
try {
$reflectionGenerator = new \ReflectionGenerator($c);
return self::castReflectionGenerator($reflectionGenerator, $a, $stub, $isNested);
} catch (\Exception) {
$a[Caster::PREFIX_VIRTUAL.'closed'] = true;
return $a;
}
return self::castReflectionGenerator($reflectionGenerator, $a, $stub, $isNested);
}
/**
@@ -128,10 +128,16 @@ class ReflectionCaster
*/
public static function castAttribute(\ReflectionAttribute $c, array $a, Stub $stub, bool $isNested)
{
self::addMap($a, $c, [
$map = [
'name' => 'getName',
'arguments' => 'getArguments',
]);
];
if (\PHP_VERSION_ID >= 80400) {
unset($map['name']);
}
self::addMap($a, $c, $map);
return $a;
}
@@ -225,7 +231,7 @@ class ReflectionCaster
if (isset($a[$prefix.'returnType'])) {
$v = $a[$prefix.'returnType'];
$v = $v instanceof \ReflectionNamedType ? $v->getName() : (string) $v;
$a[$prefix.'returnType'] = new ClassStub($a[$prefix.'returnType'] instanceof \ReflectionNamedType && $a[$prefix.'returnType']->allowsNull() && 'mixed' !== $v ? '?'.$v : $v, [class_exists($v, false) || interface_exists($v, false) || trait_exists($v, false) ? $v : '', '']);
$a[$prefix.'returnType'] = new ClassStub($a[$prefix.'returnType'] instanceof \ReflectionNamedType && $a[$prefix.'returnType']->allowsNull() && !\in_array($v, ['mixed', 'null'], true) ? '?'.$v : $v, [class_exists($v, false) || interface_exists($v, false) || trait_exists($v, false) ? $v : '', '']);
}
if (isset($a[$prefix.'class'])) {
$a[$prefix.'class'] = new ClassStub($a[$prefix.'class']);
@@ -407,7 +413,7 @@ class ReflectionCaster
if (!$type instanceof \ReflectionNamedType) {
$signature .= $type.' ';
} else {
if (!$param->isOptional() && $param->allowsNull() && 'mixed' !== $type->getName()) {
if ($param->allowsNull() && !\in_array($type->getName(), ['mixed', 'null'], true)) {
$signature .= '?';
}
$signature .= substr(strrchr('\\'.$type->getName(), '\\'), 1).' ';