Don't trust properties at destruct time

nicolas-grekas · thePanz · commit 1ed324116b44 · 2024-02-27T17:34:11.000+01:00
(cherry picked from commit 5878b18)
diff --git a/lib/classes/Swift/ByteStream/TemporaryFileByteStream.php b/lib/classes/Swift/ByteStream/TemporaryFileByteStream.php
@@ -39,4 +39,14 @@ public function __destruct()
             @unlink($this->getPath());
         }
     }
+
+    public function __sleep()
+    {
+        throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
+    }
+
+    public function __wakeup()
+    {
+        throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+    }
 }
diff --git a/lib/classes/Swift/KeyCache/DiskKeyCache.php b/lib/classes/Swift/KeyCache/DiskKeyCache.php
@@ -318,4 +318,9 @@ public function __destruct()
             $this->clearAll($nsKey);
         }
     }
+
+    public function __wakeup()
+    {
+        $this->keys = [];
+    }
 }
diff --git a/lib/classes/Swift/Mime/SimpleMimeEntity.php b/lib/classes/Swift/Mime/SimpleMimeEntity.php
@@ -843,4 +843,10 @@ public function __clone()
         }
         $this->setChildren($children);
     }
+
+    public function __wakeup()
+    {
+        $this->cacheKey = bin2hex(random_bytes(16)); // set 32 hex values
+        $this->cache = new Swift_KeyCache_ArrayKeyCache(new Swift_KeyCache_SimpleKeyCacheInputStream());
+    }
 }
diff --git a/lib/classes/Swift/Transport/AbstractSmtpTransport.php b/lib/classes/Swift/Transport/AbstractSmtpTransport.php
@@ -496,4 +496,14 @@ public function __destruct()
         } catch (Exception $e) {
         }
     }
+
+    public function __sleep()
+    {
+        throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
+    }
+
+    public function __wakeup()
+    {
+        throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -39,4 +39,14 @@ public function __destruct()`
`39`	`39`	`@unlink($this->getPath());`
`40`	`40`	`}`
`41`	`41`	`}`
	`42`	`+`
	`43`	`+ public function __sleep()`
	`44`	`+ {`
	`45`	`+ throw new \BadMethodCallException('Cannot serialize '.__CLASS__);`
	`46`	`+ }`
	`47`	`+`
	`48`	`+ public function __wakeup()`
	`49`	`+ {`
	`50`	`+ throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);`
	`51`	`+ }`
`42`	`52`	`}`
Original file line number	Diff line number	Diff line change
`@@ -318,4 +318,9 @@ public function __destruct()`
`318`	`318`	`$this->clearAll($nsKey);`
`319`	`319`	`}`
`320`	`320`	`}`
	`321`	`+`
	`322`	`+ public function __wakeup()`
	`323`	`+ {`
	`324`	`+ $this->keys = [];`
	`325`	`+ }`
`321`	`326`	`}`
Original file line number	Diff line number	Diff line change
`@@ -843,4 +843,10 @@ public function __clone()`
`843`	`843`	`}`
`844`	`844`	`$this->setChildren($children);`
`845`	`845`	`}`
	`846`	`+`
	`847`	`+ public function __wakeup()`
	`848`	`+ {`
	`849`	`+ $this->cacheKey = bin2hex(random_bytes(16)); // set 32 hex values`
	`850`	`+ $this->cache = new Swift_KeyCache_ArrayKeyCache(new Swift_KeyCache_SimpleKeyCacheInputStream());`
	`851`	`+ }`
`846`	`852`	`}`
Original file line number	Diff line number	Diff line change
`@@ -496,4 +496,14 @@ public function __destruct()`
`496`	`496`	`} catch (Exception $e) {`
`497`	`497`	`}`
`498`	`498`	`}`
	`499`	`+`
	`500`	`+ public function __sleep()`
	`501`	`+ {`
	`502`	`+ throw new \BadMethodCallException('Cannot serialize '.__CLASS__);`
	`503`	`+ }`
	`504`	`+`
	`505`	`+ public function __wakeup()`
	`506`	`+ {`
	`507`	`+ throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);`
	`508`	`+ }`
`499`	`509`	`}`