From 7a04b8e49d2d590f1cc5340664a60a51860b9afc Mon Sep 17 00:00:00 2001 From: Thomas Calvet Date: Tue, 14 Jan 2020 09:16:44 +0100 Subject: [PATCH] [Yaml][Inline] Fail properly on empty object tag and empty const tag --- src/Symfony/Component/Yaml/Inline.php | 15 ++++++- .../Component/Yaml/Tests/InlineTest.php | 43 +++++++++++++++++++ 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/Yaml/Inline.php b/src/Symfony/Component/Yaml/Inline.php index 73aba3cb8b0dc..9ba724177c4c6 100644 --- a/src/Symfony/Component/Yaml/Inline.php +++ b/src/Symfony/Component/Yaml/Inline.php @@ -506,7 +506,12 @@ private static function parseMapping($mapping, $flags, &$i = 0, $references = [] if ('!php/const' === $key) { $key .= self::parseScalar($mapping, $flags, [':', ' '], $i, false, [], true); - $key = self::evaluateScalar($key, $flags); + if ('!php/const:' === $key && ':' !== $mapping[$i]) { + $key = ''; + $i--; + } else { + $key = self::evaluateScalar($key, $flags); + } } if (':' !== $key && false === $i = strpos($mapping, ':', $i)) { @@ -692,6 +697,10 @@ private static function evaluateScalar($scalar, $flags, $references = []) return null; case 0 === strpos($scalar, '!php/object'): if (self::$objectSupport) { + if (!isset($scalar[12])) { + return false; + } + return unserialize(self::parseScalar(substr($scalar, 12))); } @@ -717,6 +726,10 @@ private static function evaluateScalar($scalar, $flags, $references = []) return null; case 0 === strpos($scalar, '!php/const'): if (self::$constantSupport) { + if (!isset($scalar[11])) { + return ''; + } + $i = 0; if (\defined($const = self::parseScalar(substr($scalar, 11), 0, null, $i, false))) { return \constant($const); diff --git a/src/Symfony/Component/Yaml/Tests/InlineTest.php b/src/Symfony/Component/Yaml/Tests/InlineTest.php index 54372d69505bc..5b55451e19eb3 100644 --- a/src/Symfony/Component/Yaml/Tests/InlineTest.php +++ b/src/Symfony/Component/Yaml/Tests/InlineTest.php @@ -799,4 +799,47 @@ public function getTestsForOctalNumbers() 'negative octal number' => [-28, '-034'], ]; } + + /** + * @dataProvider phpObjectTagWithEmptyValueProvider + */ + public function testPhpObjectWithEmptyValue($expected, $value) + { + $this->assertSame($expected, Inline::parse($value, Yaml::PARSE_OBJECT)); + } + + public function phpObjectTagWithEmptyValueProvider() + { + return [ + [false, '!php/object'], + [false, '!php/object '], + [false, '!php/object '], + [[false], '[!php/object]'], + [[false], '[!php/object ]'], + [[false, 'foo'], '[!php/object , foo]'], + ]; + } + + /** + * @dataProvider phpConstTagWithEmptyValueProvider + */ + public function testPhpConstTagWithEmptyValue($expected, $value) + { + $this->assertSame($expected, Inline::parse($value, Yaml::PARSE_CONSTANT)); + } + + public function phpConstTagWithEmptyValueProvider() + { + return [ + ['', '!php/const'], + ['', '!php/const '], + ['', '!php/const '], + [[''], '[!php/const]'], + [[''], '[!php/const ]'], + [['', 'foo'], '[!php/const , foo]'], + [['' => 'foo'], '{!php/const: foo}'], + [['' => 'foo'], '{!php/const : foo}'], + [['' => 'foo', 'bar' => 'ccc'], '{!php/const : foo, bar: ccc}'], + ]; + } }