Merge branch '4.4' into 5.2

derrabus · derrabus · commit 76546cbeddd0 · 2021-04-29T22:47:09.000+02:00
* 4.4:
  [Security/Core] fix checking for bcrypt
  [HttpFoundation] Fixes for PHP 8.1 deprecations
  [Mime] DataPart: remove confusing fix-me comment
  expose references detected in inline notation structures
diff --git a/Inline.php b/Inline.php
@@ -58,7 +58,7 @@ public static function initialize(int $flags, int $parsedLineNumber = null, stri
      *
      * @throws ParseException
      */
-    public static function parse(string $value = null, int $flags = 0, array $references = [])
+    public static function parse(string $value = null, int $flags = 0, array &$references = [])
     {
         self::initialize($flags);
 
@@ -267,7 +267,7 @@ private static function dumpNull(int $flags): string
      *
      * @throws ParseException When malformed inline YAML string is parsed
      */
-    public static function parseScalar(string $scalar, int $flags = 0, array $delimiters = null, int &$i = 0, bool $evaluate = true, array $references = [])
+    public static function parseScalar(string $scalar, int $flags = 0, array $delimiters = null, int &$i = 0, bool $evaluate = true, array &$references = [])
     {
         if (\in_array($scalar[$i], ['"', "'"], true)) {
             // quoted scalar
@@ -343,7 +343,7 @@ private static function parseQuotedScalar(string $scalar, int &$i): string
      *
      * @throws ParseException When malformed inline YAML string is parsed
      */
-    private static function parseSequence(string $sequence, int $flags, int &$i = 0, array $references = []): array
+    private static function parseSequence(string $sequence, int $flags, int &$i = 0, array &$references = []): array
     {
         $output = [];
         $len = \strlen($sequence);
@@ -385,6 +385,11 @@ private static function parseSequence(string $sequence, int $flags, int &$i = 0,
                         }
                     }
 
+                    if (\is_string($value) && '' !== $value && '&' === $value[0] && Parser::preg_match(Parser::REFERENCE_PATTERN, $value, $matches)) {
+                        $references[$matches['ref']] = $matches['value'];
+                        $value = $matches['value'];
+                    }
+
                     --$i;
             }
 
@@ -407,7 +412,7 @@ private static function parseSequence(string $sequence, int $flags, int &$i = 0,
      *
      * @throws ParseException When malformed inline YAML string is parsed
      */
-    private static function parseMapping(string $mapping, int $flags, int &$i = 0, array $references = [])
+    private static function parseMapping(string $mapping, int $flags, int &$i = 0, array &$references = [])
     {
         $output = [];
         $len = \strlen($mapping);
@@ -433,14 +438,14 @@ private static function parseMapping(string $mapping, int $flags, int &$i = 0, a
             // key
             $offsetBeforeKeyParsing = $i;
             $isKeyQuoted = \in_array($mapping[$i], ['"', "'"], true);
-            $key = self::parseScalar($mapping, $flags, [':', ' '], $i, false, []);
+            $key = self::parseScalar($mapping, $flags, [':', ' '], $i, false);
 
             if ($offsetBeforeKeyParsing === $i) {
                 throw new ParseException('Missing mapping key.', self::$parsedLineNumber + 1, $mapping);
             }
 
             if ('!php/const' === $key) {
-                $key .= ' '.self::parseScalar($mapping, $flags, [':'], $i, false, []);
+                $key .= ' '.self::parseScalar($mapping, $flags, [':'], $i, false);
                 $key = self::evaluateScalar($key, $flags);
             }
 
@@ -522,6 +527,11 @@ private static function parseMapping(string $mapping, int $flags, int &$i = 0, a
                         if ('<<' === $key) {
                             $output += $value;
                         } elseif ($allowOverwrite || !isset($output[$key])) {
+                            if (\is_string($value) && '' !== $value && '&' === $value[0] && Parser::preg_match(Parser::REFERENCE_PATTERN, $value, $matches)) {
+                                $references[$matches['ref']] = $matches['value'];
+                                $value = $matches['value'];
+                            }
+
                             if (null !== $tag) {
                                 $output[$key] = new TaggedValue($tag, $value);
                             } else {
@@ -548,7 +558,7 @@ private static function parseMapping(string $mapping, int $flags, int &$i = 0, a
      *
      * @throws ParseException when object parsing support was disabled and the parser detected a PHP object or when a reference could not be resolved
      */
-    private static function evaluateScalar(string $scalar, int $flags, array $references = [])
+    private static function evaluateScalar(string $scalar, int $flags, array &$references = [])
     {
         $scalar = trim($scalar);
 
diff --git a/Parser.php b/Parser.php
@@ -25,6 +25,7 @@ class Parser
 {
     public const TAG_PATTERN = '(?P<tag>![\w!.\/:-]+)';
     public const BLOCK_SCALAR_HEADER_PATTERN = '(?P<separator>\||>)(?P<modifiers>\+|\-|\d+|\+\d+|\-\d+|\d+\+|\d+\-)?(?P<comments> +#.*)?';
+    public const REFERENCE_PATTERN = '#^&(?P<ref>[^ ]++) *+(?P<value>.*)#u';
 
     private $filename;
     private $offset = 0;
@@ -161,7 +162,7 @@ private function doParse(string $value, int $flags)
                 }
                 $context = 'sequence';
 
-                if (isset($values['value']) && '&' === $values['value'][0] && self::preg_match('#^&(?P<ref>[^ ]+) *(?P<value>.*)#u', $values['value'], $matches)) {
+                if (isset($values['value']) && '&' === $values['value'][0] && self::preg_match(self::REFERENCE_PATTERN, $values['value'], $matches)) {
                     $isRef = $matches['ref'];
                     $this->refsBeingParsed[] = $isRef;
                     $values['value'] = $matches['value'];
@@ -299,7 +300,7 @@ private function doParse(string $value, int $flags)
                             $data += $parsed; // array union
                         }
                     }
-                } elseif ('<<' !== $key && isset($values['value']) && '&' === $values['value'][0] && self::preg_match('#^&(?P<ref>[^ ]++) *+(?P<value>.*)#u', $values['value'], $matches)) {
+                } elseif ('<<' !== $key && isset($values['value']) && '&' === $values['value'][0] && self::preg_match(self::REFERENCE_PATTERN, $values['value'], $matches)) {
                     $isRef = $matches['ref'];
                     $this->refsBeingParsed[] = $isRef;
                     $values['value'] = $matches['value'];
diff --git a/Tests/InlineTest.php b/Tests/InlineTest.php
@@ -190,7 +190,8 @@ public function testParseScalarWithCorrectlyQuotedStringShouldReturnString()
      */
     public function testParseReferences($yaml, $expected)
     {
-        $this->assertSame($expected, Inline::parse($yaml, 0, ['var' => 'var-value']));
+        $references = ['var' => 'var-value'];
+        $this->assertSame($expected, Inline::parse($yaml, 0, $references));
     }
 
     public function getDataForParseReferences()
@@ -214,7 +215,8 @@ public function testParseMapReferenceInSequence()
             'b' => 'Clark',
             'c' => 'Brian',
         ];
-        $this->assertSame([$foo], Inline::parse('[*foo]', 0, ['foo' => $foo]));
+        $references = ['foo' => $foo];
+        $this->assertSame([$foo], Inline::parse('[*foo]', 0, $references));
     }
 
     public function testParseUnquotedAsterisk()
diff --git a/Tests/ParserTest.php b/Tests/ParserTest.php
@@ -1072,6 +1072,10 @@ public function testReferenceResolvingInInlineStrings()
             'map' => ['key' => 'var-value'],
             'list_in_map' => ['key' => ['var-value']],
             'map_in_map' => ['foo' => ['bar' => 'var-value']],
+            'foo' => ['bar' => 'baz'],
+            'bar' => ['foo' => 'baz'],
+            'baz' => ['foo'],
+            'foobar' => ['foo'],
         ], Yaml::parse(<<<'EOF'
 var:  &var var-value
 scalar: *var
@@ -1082,6 +1086,10 @@ public function testReferenceResolvingInInlineStrings()
 map: { key: *var }
 list_in_map: { key: [*var] }
 map_in_map: { foo: { bar: *var } }
+foo: { bar: &baz baz }
+bar: { foo: *baz }
+baz: [ &foo foo ]
+foobar: [ *foo ]
 EOF
         ));
     }

Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ public static function initialize(int $flags, int $parsedLineNumber = null, stri`
`58`	`58`	`*`
`59`	`59`	`* @throws ParseException`
`60`	`60`	`*/`
`61`		`- public static function parse(string $value = null, int $flags = 0, array $references = [])`
	`61`	`+ public static function parse(string $value = null, int $flags = 0, array &$references = [])`
`62`	`62`	`{`
`63`	`63`	`self::initialize($flags);`
`64`	`64`
`@@ -267,7 +267,7 @@ private static function dumpNull(int $flags): string`
`267`	`267`	`*`
`268`	`268`	`* @throws ParseException When malformed inline YAML string is parsed`
`269`	`269`	`*/`
`270`		`- public static function parseScalar(string $scalar, int $flags = 0, array $delimiters = null, int &$i = 0, bool $evaluate = true, array $references = [])`
	`270`	`+ public static function parseScalar(string $scalar, int $flags = 0, array $delimiters = null, int &$i = 0, bool $evaluate = true, array &$references = [])`
`271`	`271`	`{`
`272`	`272`	`if (\in_array($scalar[$i], ['"', "'"], true)) {`
`273`	`273`	`// quoted scalar`
`@@ -343,7 +343,7 @@ private static function parseQuotedScalar(string $scalar, int &$i): string`
`343`	`343`	`*`
`344`	`344`	`* @throws ParseException When malformed inline YAML string is parsed`
`345`	`345`	`*/`
`346`		`- private static function parseSequence(string $sequence, int $flags, int &$i = 0, array $references = []): array`
	`346`	`+ private static function parseSequence(string $sequence, int $flags, int &$i = 0, array &$references = []): array`
`347`	`347`	`{`
`348`	`348`	`$output = [];`
`349`	`349`	`$len = \strlen($sequence);`
`@@ -385,6 +385,11 @@ private static function parseSequence(string $sequence, int $flags, int &$i = 0,`
`385`	`385`	`}`
`386`	`386`	`}`
`387`	`387`
	`388`	`+ if (\is_string($value) && '' !== $value && '&' === $value[0] && Parser::preg_match(Parser::REFERENCE_PATTERN, $value, $matches)) {`
	`389`	`+ $references[$matches['ref']] = $matches['value'];`
	`390`	`+ $value = $matches['value'];`
	`391`	`+ }`
	`392`	`+`
`388`	`393`	`--$i;`
`389`	`394`	`}`
`390`	`395`
`@@ -407,7 +412,7 @@ private static function parseSequence(string $sequence, int $flags, int &$i = 0,`
`407`	`412`	`*`
`408`	`413`	`* @throws ParseException When malformed inline YAML string is parsed`
`409`	`414`	`*/`
`410`		`- private static function parseMapping(string $mapping, int $flags, int &$i = 0, array $references = [])`
	`415`	`+ private static function parseMapping(string $mapping, int $flags, int &$i = 0, array &$references = [])`
`411`	`416`	`{`
`412`	`417`	`$output = [];`
`413`	`418`	`$len = \strlen($mapping);`
`@@ -433,14 +438,14 @@ private static function parseMapping(string $mapping, int $flags, int &$i = 0, a`
`433`	`438`	`// key`
`434`	`439`	`$offsetBeforeKeyParsing = $i;`
`435`	`440`	`$isKeyQuoted = \in_array($mapping[$i], ['"', "'"], true);`
`436`		`- $key = self::parseScalar($mapping, $flags, [':', ' '], $i, false, []);`
	`441`	`+ $key = self::parseScalar($mapping, $flags, [':', ' '], $i, false);`
`437`	`442`
`438`	`443`	`if ($offsetBeforeKeyParsing === $i) {`
`439`	`444`	`throw new ParseException('Missing mapping key.', self::$parsedLineNumber + 1, $mapping);`
`440`	`445`	`}`
`441`	`446`
`442`	`447`	`if ('!php/const' === $key) {`
`443`		`- $key .= ' '.self::parseScalar($mapping, $flags, [':'], $i, false, []);`
	`448`	`+ $key .= ' '.self::parseScalar($mapping, $flags, [':'], $i, false);`
`444`	`449`	`$key = self::evaluateScalar($key, $flags);`
`445`	`450`	`}`
`446`	`451`
`@@ -522,6 +527,11 @@ private static function parseMapping(string $mapping, int $flags, int &$i = 0, a`
`522`	`527`	`if ('<<' === $key) {`
`523`	`528`	`$output += $value;`
`524`	`529`	`} elseif ($allowOverwrite \|\| !isset($output[$key])) {`
	`530`	`+ if (\is_string($value) && '' !== $value && '&' === $value[0] && Parser::preg_match(Parser::REFERENCE_PATTERN, $value, $matches)) {`
	`531`	`+ $references[$matches['ref']] = $matches['value'];`
	`532`	`+ $value = $matches['value'];`
	`533`	`+ }`
	`534`	`+`
`525`	`535`	`if (null !== $tag) {`
`526`	`536`	`$output[$key] = new TaggedValue($tag, $value);`
`527`	`537`	`} else {`
`@@ -548,7 +558,7 @@ private static function parseMapping(string $mapping, int $flags, int &$i = 0, a`
`548`	`558`	`*`
`549`	`559`	`* @throws ParseException when object parsing support was disabled and the parser detected a PHP object or when a reference could not be resolved`
`550`	`560`	`*/`
`551`		`- private static function evaluateScalar(string $scalar, int $flags, array $references = [])`
	`561`	`+ private static function evaluateScalar(string $scalar, int $flags, array &$references = [])`
`552`	`562`	`{`
`553`	`563`	`$scalar = trim($scalar);`
`554`	`564`
Original file line number	Diff line number	Diff line change
`@@ -25,6 +25,7 @@ class Parser`
`25`	`25`	`{`
`26`	`26`	`public const TAG_PATTERN = '(?P<tag>![\w!.\/:-]+)';`
`27`	`27`	`public const BLOCK_SCALAR_HEADER_PATTERN = '(?P<separator>\\|\|>)(?P<modifiers>\+\|\-\|\d+\|\+\d+\|\-\d+\|\d+\+\|\d+\-)?(?P<comments> +#.*)?';`
	`28`	`+ public const REFERENCE_PATTERN = '#^&(?P<ref>[^ ]++) +(?P<value>.)#u';`
`28`	`29`
`29`	`30`	`private $filename;`
`30`	`31`	`private $offset = 0;`
`@@ -161,7 +162,7 @@ private function doParse(string $value, int $flags)`
`161`	`162`	`}`
`162`	`163`	`$context = 'sequence';`
`163`	`164`
`164`		`- if (isset($values['value']) && '&' === $values['value'][0] && self::preg_match('#^&(?P<ref>[^ ]+) (?P<value>.)#u', $values['value'], $matches)) {`
	`165`	`+ if (isset($values['value']) && '&' === $values['value'][0] && self::preg_match(self::REFERENCE_PATTERN, $values['value'], $matches)) {`
`165`	`166`	`$isRef = $matches['ref'];`
`166`	`167`	`$this->refsBeingParsed[] = $isRef;`
`167`	`168`	`$values['value'] = $matches['value'];`
`@@ -299,7 +300,7 @@ private function doParse(string $value, int $flags)`
`299`	`300`	`$data += $parsed; // array union`
`300`	`301`	`}`
`301`	`302`	`}`
`302`		`- } elseif ('<<' !== $key && isset($values['value']) && '&' === $values['value'][0] && self::preg_match('#^&(?P<ref>[^ ]++) +(?P<value>.)#u', $values['value'], $matches)) {`
	`303`	`+ } elseif ('<<' !== $key && isset($values['value']) && '&' === $values['value'][0] && self::preg_match(self::REFERENCE_PATTERN, $values['value'], $matches)) {`
`303`	`304`	`$isRef = $matches['ref'];`
`304`	`305`	`$this->refsBeingParsed[] = $isRef;`
`305`	`306`	`$values['value'] = $matches['value'];`
Original file line number	Diff line number	Diff line change
`@@ -190,7 +190,8 @@ public function testParseScalarWithCorrectlyQuotedStringShouldReturnString()`
`190`	`190`	`*/`
`191`	`191`	`public function testParseReferences($yaml, $expected)`
`192`	`192`	`{`
`193`		`- $this->assertSame($expected, Inline::parse($yaml, 0, ['var' => 'var-value']));`
	`193`	`+ $references = ['var' => 'var-value'];`
	`194`	`+ $this->assertSame($expected, Inline::parse($yaml, 0, $references));`
`194`	`195`	`}`
`195`	`196`
`196`	`197`	`public function getDataForParseReferences()`
`@@ -214,7 +215,8 @@ public function testParseMapReferenceInSequence()`
`214`	`215`	`'b' => 'Clark',`
`215`	`216`	`'c' => 'Brian',`
`216`	`217`	`];`
`217`		`- $this->assertSame([$foo], Inline::parse('[*foo]', 0, ['foo' => $foo]));`
	`218`	`+ $references = ['foo' => $foo];`
	`219`	`+ $this->assertSame([$foo], Inline::parse('[*foo]', 0, $references));`
`218`	`220`	`}`
`219`	`221`
`220`	`222`	`public function testParseUnquotedAsterisk()`