8000 Merge branch '3.4' into 4.3 · symfony/symfony@2baf53a · GitHub
[go: up one dir, main page]
Skip to content

Commit 2baf53a

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '3.4' into 4.3
* 3.4: [HttpFoundation] fix guessing mime-types of files with leading dash [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances Use constant time comparison in UriSigner
2 parents 4bc7e9c + 4cc37df commit 2baf53a

File tree

6 files changed

+34
-3
lines changed

6 files changed

+34
-3
lines changed

src/Symfony/Component/Cache/Adapter/TagAwareAdapter.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -286,6 +286,16 @@ public function commit()
286286
return $this->invalidateTags([]);
287287
}
288288

289+
public function __sleep()
290+
{
291+
throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
292+
}
293+
294+
public function __wakeup()
295+
{
296+
throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
297+
}
298+
289299
public function __destruct()
290300
{
291301
$this->commit();

src/Symfony/Component/Cache/Traits/AbstractAdapterTrait.php

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,16 @@ public function saveDeferred(CacheItemInterface $item)
108108
return true;
109109
}
110110

111+
public function __sleep()
112+
{
113+
throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
114+
}
115+
116+
public function __wakeup()
117+
{
118+
throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
119+
}
120+
111121
public function __destruct()
112122
{
113123
if ($this->deferred) {

src/Symfony/Component/HttpFoundation/File/MimeType/FileBinaryMimeTypeGuesser.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ class FileBinaryMimeTypeGuesser implements MimeTypeGuesserInterface
3636
*
3737
* @param string $cmd The command to run to get the mime type of a file
3838
*/
39-
public function __construct(string $cmd = 'file -b --mime %s 2>/dev/null')
39+
public function __construct(string $cmd = 'file -b --mime -- %s 2>/dev/null')
4040
{
4141
$this->cmd = $cmd;
4242
}
@@ -85,7 +85,7 @@ public function guess($path)
8585
ob_start();
8686

8787
// need to use --mime instead of -i. see #6641
88-
passthru(sprintf($this->cmd, escapeshellarg($path)), $return);
88+
passthru(sprintf($this->cmd, escapeshellarg((0 === strpos($path, '-') ? './' : '').$path)), $return);
8989
if ($return > 0) {
9090
ob_end_clean();
9191

src/Symfony/Component/HttpFoundation/Tests/File/Fixtures/-test

35 Bytes
Binary file not shown.

src/Symfony/Component/HttpFoundation/Tests/File/MimeType/MimeTypeTest.php

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,17 @@
2121
*/
2222
class MimeTypeTest extends TestCase
2323
{
24+
public function testGuessWithLeadingDash()
25+
{
26+
$cwd = getcwd();
27+
chdir(__DIR__.'/../Fixtures');
28+
try {
29+
$this->assertEquals('image/gif', MimeTypeGuesser::getInstance()->guess('-test'));
30+
} finally {
31+
chdir($cwd);
32+
}
33+
}
34+
2435
public function testGuessImageWithoutExtension()
2536
{
2637
$this->assertEquals('image/gif', MimeTypeGuesser::getInstance()->guess(__DIR__.'/../Fixtures/test'));

src/Symfony/Component/HttpKernel/UriSigner.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ public function check($uri)
7979
$hash = $params[$this->parameter];
8080
unset($params[$this->parameter]);
8181

82-
return $this->computeHash($this->buildUrl($url, $params)) === $hash;
82+
return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);
8383
}
8484

8585
private function computeHash($uri)

0 commit comments

Comments
 (0)
0