8000 bug #11850 [YAML] properly mask escape sequences in quoted strings (x… · symfony/symfony@cfe60a4 · GitHub
[go: up one dir, main page]
Skip to content

Commit cfe60a4

Browse files
fabpotfabpot
committed
bug #11850 [YAML] properly mask escape sequences in quoted strings (xabbuh)
This PR was merged into the 2.3 branch. Discussion ---------- [YAML] properly mask escape sequences in quoted strings | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #11789 | License | MIT | Doc PR | Commits ------- a7d0cf2 properly mask escape sequences in quoted strings
2 parents 8897e58 + a7d0cf2 commit cfe60a4

File tree

2 files changed

+33
-2
lines changed

2 files changed

+33
-2
lines changed

src/Symfony/Component/Yaml/Escaper.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,13 +26,13 @@ class Escaper
2626
// first to ensure proper escaping because str_replace operates iteratively
2727
// on the input arrays. This ordering of the characters avoids the use of strtr,
2828
// which performs more slowly.
29-
private static $escapees = array('\\\\', '\\"', '"',
29+
private static $escapees = array('\\', '\\\\', '\\"', '"',
3030
"\x00", "\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07",
3131
"\x08", "\x09", "\x0a", "\x0b", "\x0c", "\x0d", "\x0e", "\x0f",
3232
"\x10", "\x11", "\x12", "\x13", "\x14", "\x15", "\x16", "\x17",
3333
"\x18", "\x19", "\x1a", "\x1b", "\x1c", "\x1d", "\x1e", "\x1f",
3434
"\xc2\x85", "\xc2\xa0", "\xe2\x80\xa8", "\xe2\x80\xa9");
35-
private static $escaped = array('\\"', '\\\\', '\\"',
35+
private static $escaped = array('\\\\', '\\"', '\\\\', '\\"',
3636
"\\0", "\\x01", "\\x02", "\\x03", "\\x04", "\\x05", "\\x06", "\\a",
3737
"\\b", "\\t", "\\n", "\\v", "\\f", "\\r", "\\x0e", "\\x0f",
3838
"\\x10", "\\x11", "\\x12", "\\x13", "\\x14", "\\x15", "\\x16", "\\x17",

src/Symfony/Component/Yaml/Tests/DumperTest.php

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -199,6 +199,37 @@ public function testObjectSupportDisabledWithExceptions()
199199
{
200200
$this->dumper->dump(array('foo' => new A(), 'bar' => 1), 0, 0, true, false);
201201
}
202+
203+
/**
204+
* @dataProvider getEscapeSequences
205+
*/
206+
public function testEscapedEscapeSequencesInQuotedScalar($input, $expected)
207+
{
208+
$this->assertEquals($expected, $this->dumper->dump($input));
209+
}
210+
211+
public function getEscapeSequences()
212+
{
213+
return array(
214+
'null' => array("\t\\0", '"\t\\\\0"'),
215+
'bell' => array("\t\\a", '"\t\\\\a"'),
216+
'backspace' => array("\t\\b", '"\t\\\\b"'),
217+
'horizontal-tab' => array("\t\\t", '"\t\\\\t"'),
218+
'line-feed' => array("\t\\n", '"\t\\\\n"'),
219+
'vertical-tab' => array("\t\\v", '"\t\\\\v"'),
220+
'form-feed' => array("\t\\f", '"\t\\\\f"'),
221+
'carriage-return' => array("\t\\r", '"\t\\\\r"'),
222+
'escape' => array("\t\\e", '"\t\\\\e"'),
223+
'space' => array("\t\\ ", '"\t\\\\ "'),
224+
'double-quote' => array("\t\\\"", '"\t\\\\\\""'),
225+
'slash' => array("\t\\/", '"\t\\\\/"'),
226+
'backslash' => array("\t\\\\", '"\t\\\\\\\\"'),
227+
'next-line' => array("\t\\N", '"\t\\\\N"'),
228+
'non-breaking-space' => array("\t\\", '"\t\\\\�"'),
229+
'line-separator' => array("\t\\L", '"\t\\\\L"'),
230+
'paragraph-separator' => array("\t\\P", '"\t\\\\P"'),
231+
);
232+
}
202233
}
203234

204235
class A

0 commit comments

Comments
 (0)
0