symfony
diff --git a/‎UPGRADE-5.1.md‎
Lines changed: 1 addition & 0 deletions b/‎UPGRADE-5.1.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎UPGRADE-6.0.md‎
Lines changed: 1 addition & 0 deletions b/‎UPGRADE-6.0.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/Yaml/CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Component/Yaml/CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/Yaml/Inline.php‎
Lines changed: 9 additions & 1 deletion b/‎src/Symfony/Component/Yaml/Inline.php‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Yaml/Tests/InlineTest.php‎
Lines changed: 18 additions & 0 deletions b/‎src/Symfony/Component/Yaml/Tests/InlineTest.php‎
Lines changed: 18 additions & 0 deletions
@@ -164,4 +164,5 @@ Security
 Yaml
 ----
 
+ * Deprecate support for parsing invalid octal numbers.
  * Deprecated using the `!php/object` and `!php/const` tags without a value.
@@ -111,4 +111,5 @@ Security
 Yaml
 ----
 
+ * Removed support for parsing invalid octal numbers.
  * Removed support for using the `!php/object` and `!php/const` tags without a value.
@@ -4,6 +4,7 @@ CHANGELOG
 5.1.0
 -----
 
+ * Deprecate support for parsing invalid octal numbers.
  * Added `yaml-lint` binary.
  * Deprecated using the `!php/object` and `!php/const` tags without a value.
 
 
@@ -644,12 +644,20 @@ private static function evaluateScalar(string $scalar, int $flags, array $refere
                         $raw = $scalar;
                         $cast = (int) $scalar;
 
+                        if ('0' === $scalar[0] && !Parser::preg_match('/^[0-7]*$/', $scalar)) {
+                            @trigger_error(sprintf('Support for parsing the invalid octal number %s is deprecated since Symfony 5.1.', $scalar), E_USER_DEPRECATED);
+                        }
+
                         return '0' == $scalar[0] ? octdec($scalar) : (((string) $raw == (string) $cast) ? $cast : $raw);
                     case '-' === $scalar[0] && ctype_digit(substr($scalar, 1)):
                         $raw = $scalar;
                         $cast = (int) $scalar;
 
-                        return '0' == $scalar[1] ? -octdec(substr($scalar, 1)) : (($raw === (string) $cast) ? $cast : $raw);
+                        if ('0' === $scalar[1] && !Parser::preg_match('/^[0-7]*$/', $octal = substr($scalar, 1))) {
+                            @trigger_error(sprintf('Support for parsing the invalid octal number %s is deprecated since Symfony 5.1.', $scalar), E_USER_DEPRECATED);
+                        }
+
+                        return '0' == $scalar[1] ? -octdec($octal) : (($raw === (string) $cast) ? $cast : $raw);
                     case is_numeric($scalar):
                     case Parser::preg_match(self::getHexRegex(), $scalar):
                         $scalar = str_replace('_', '', $scalar);
 
@@ -856,4 +856,22 @@ public function quotedExclamationMarkProvider()
             [['!'], '! ["!"]'],
         ];
     }
+
+    /**
+     * @group legacy
+     * @expectedDeprecation Support for parsing the invalid octal number 0123456789 is deprecated since Symfony 5.1.
+     */
+    public function testParseInvalidPositiveOctalNumber()
+    {
+        self::assertSame(342391, Inline::parse('0123456789'));
+    }
+
+    /**
+     * @group legacy
+     * @expectedDeprecation Support for parsing the invalid octal number -0123456789 is deprecated since Symfony 5.1.
+     */
+    public function testParseInvalidNegativeOctalNumber()
+    {
+        self::assertSame(-342391, Inline::parse('-0123456789'));
+    }
 }