From bed479c56105ccf0821f1c39521b5fe63ccbe8e2 Mon Sep 17 00:00:00 2001
From: Gregor Harlan <mail@gh01.de>
Date: Wed, 16 Oct 2019 00:08:58 +0200
Subject: [PATCH 1/2] [Yaml] Throw exception for tagged invalid inline elements

---
 src/Symfony/Component/Yaml/Inline.php           | 8 ++++----
 src/Symfony/Component/Yaml/Tests/InlineTest.php | 6 ++++++
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/Symfony/Component/Yaml/Inline.php b/src/Symfony/Component/Yaml/Inline.php
index 10fa2702e8..7d3218a35e 100644
--- a/src/Symfony/Component/Yaml/Inline.php
+++ b/src/Symfony/Component/Yaml/Inline.php
@@ -126,15 +126,15 @@ class Inline
                     $result = self::parseScalar($value, $flags, null, $i, null === $tag, $references);
             }
 
-            if (null !== $tag) {
-                return new TaggedValue($tag, $result);
-            }
-
             // some comments are allowed at the end
             if (preg_replace('/\s+#.*$/A', '', substr($value, $i))) {
                 throw new ParseException(sprintf('Unexpected characters near "%s".', substr($value, $i)), self::$parsedLineNumber + 1, $value, self::$parsedFilename);
             }
 
+            if (null !== $tag) {
+                return new TaggedValue($tag, $result);
+            }
+
             return $result;
         } finally {
             if (isset($mbEncoding)) {
diff --git a/src/Symfony/Component/Yaml/Tests/InlineTest.php b/src/Symfony/Component/Yaml/Tests/InlineTest.php
index 3b3dabf56d..014a12a706 100644
--- a/src/Symfony/Component/Yaml/Tests/InlineTest.php
+++ b/src/Symfony/Component/Yaml/Tests/InlineTest.php
@@ -201,6 +201,12 @@ class InlineTest extends TestCase
         Inline::parse('{ foo: bar } bar');
     }
 
+    public function testParseInvalidTaggedSequenceShouldThrowException()
+    {
+        $this->expectException('Symfony\Component\Yaml\Exception\ParseException');
+        Inline::parse('!foo { bar: baz } qux', Yaml::PARSE_CUSTOM_TAGS);
+    }
+
     public function testParseScalarWithCorrectlyQuotedStringShouldReturnString()
     {
         $value = "'don''t do somthin'' like that'";

From 4d79116a0dd5c952d4fbc7fd883f539be80e12c5 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Fri, 18 Oct 2019 12:00:34 +0200
Subject: [PATCH 2/2] [Dotenv] allow LF in single-quoted strings

---
 src/Symfony/Component/Dotenv/Dotenv.php       | 23 +++++++------------
 .../Component/Dotenv/Tests/DotenvTest.php     |  2 ++
 2 files changed, 10 insertions(+), 15 deletions(-)

diff --git a/src/Symfony/Component/Dotenv/Dotenv.php b/src/Symfony/Component/Dotenv/Dotenv.php
index 78bc83334e..c2475f204a 100644
--- a/src/Symfony/Component/Dotenv/Dotenv.php
+++ b/src/Symfony/Component/Dotenv/Dotenv.php
@@ -189,25 +189,18 @@ final class Dotenv
 
         do {
             if ("'" === $this->data[$this->cursor]) {
-                $value = '';
-                ++$this->cursor;
+                $len = 0;
 
-                while ("\n" !== $this->data[$this->cursor]) {
-                    if ("'" === $this->data[$this->cursor]) {
-                        break;
-                    }
-                    $value .= $this->data[$this->cursor];
-                    ++$this->cursor;
+                do {
+                    if ($this->cursor + ++$len === $this->end) {
+                        $this->cursor += $len;
 
-                    if ($this->cursor === $this->end) {
                         throw $this->createFormatException('Missing quote to end the value');
                     }
-                }
-                if ("\n" === $this->data[$this->cursor]) {
-                    throw $this->createFormatException('Missing quote to end the value');
-                }
-                ++$this->cursor;
-                $v .= $value;
+                } while ("'" !== $this->data[$this->cursor + $len]);
+
+                $v .= substr($this->data, 1 + $this->cursor, $len - 1);
+                $this->cursor += 1 + $len;
             } elseif ('"' === $this->data[$this->cursor]) {
                 $value = '';
                 ++$this->cursor;
diff --git a/src/Symfony/Component/Dotenv/Tests/DotenvTest.php b/src/Symfony/Component/Dotenv/Tests/DotenvTest.php
index dc7c4c1715..1e493f24bd 100644
--- a/src/Symfony/Component/Dotenv/Tests/DotenvTest.php
+++ b/src/Symfony/Component/Dotenv/Tests/DotenvTest.php
@@ -40,6 +40,7 @@ class DotenvTest extends TestCase
             ['FOO', "Missing = in the environment variable declaration in \".env\" at line 1.\n...FOO...\n     ^ line 1 offset 3"],
             ['FOO="foo', "Missing quote to end the value in \".env\" at line 1.\n...FOO=\"foo...\n          ^ line 1 offset 8"],
             ['FOO=\'foo', "Missing quote to end the value in \".env\" at line 1.\n...FOO='foo...\n          ^ line 1 offset 8"],
+            ['FOO=\'foo'."\n", "Missing quote to end the value in \".env\" at line 1.\n...FOO='foo\\n...\n            ^ line 1 offset 9"],
             ['export FOO', "Unable to unset an environment variable in \".env\" at line 1.\n...export FOO...\n            ^ line 1 offset 10"],
             ['FOO=${FOO', "Unclosed braces on variable expansion in \".env\" at line 1.\n...FOO=\${FOO...\n           ^ line 1 offset 9"],
         ];
@@ -105,6 +106,7 @@ class DotenvTest extends TestCase
             ['FOO="bar\rfoo"', ['FOO' => "bar\rfoo"]],
             ['FOO=\'bar\nfoo\'', ['FOO' => 'bar\nfoo']],
             ['FOO=\'bar\rfoo\'', ['FOO' => 'bar\rfoo']],
+            ["FOO='bar\nfoo'", ['FOO' => "bar\nfoo"]],
             ['FOO=" FOO "', ['FOO' => ' FOO ']],
             ['FOO="  "', ['FOO' => '  ']],
             ['PATH="c:\\\\"', ['PATH' => 'c:\\']],