10000 [BC breaking] Accept only valid base 64 in envvars · symfony/symfony@90bc19f · GitHub
[go: up one dir, main page]
Skip to content

Commit 90bc19f

Browse files
mcfedrmcfedr
committed
[BC breaking] Accept only valid base 64 in envvars
1 parent 532c579 commit 90bc19f

File tree

2 files changed

+22
-1
lines changed

2 files changed

+22
-1
lines changed

src/Symfony/Component/DependencyInjection/EnvVarProcessor.php

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -118,7 +118,13 @@ public function getEnv($prefix, $name, \Closure $getEnv)
118118
}
119119

120120
if ('base64' === $prefix) {
121-
return base64_decode($env);
121+
$env = base64_decode($env, true);
122+
123+
if (false === $env) {
124+
throw new RuntimeException(sprintf('Invalid Base64 in env var "%s": ', $name));
125+
}
126+
127+
return $env;
122128
}
123129

124130
if ('json' === $prefix) {

src/Symfony/Component/DependencyInjection/Tests/EnvVarProcessorTest.php

Original file line numberDiff line numberDiff line change
@@ -233,6 +233,21 @@ public function testGetEnvBase64()
233233
$this->assertSame('hello', $result);
234234
}
235235

236+
/**
237+
* @expectedException \Symfony\Component\DependencyInjection\Exception\RuntimeException
238+
* @expectedExceptionMessage Invalid Base64
239+
*/
240+
public function testGetEnvInvalidBase64()
241+
{
242+
$processor = new EnvVarProcessor(new Container());
243+
244+
$processor->getEnv('base64', 'foo', function ($name) {
245+
$this->assertSame('foo', $name);
246+
247+
return 'this is invalid base64 %';
248+
});
249+
}
250+
236251
public function testGetEnvJson()
237252
{
238253
$processor = new EnvVarProcessor(new Container());

0 commit comments

Comments
 (0)
0