Merge branch '3.4' into 4.3

* 3.4:
  [HttpFoundation] fix guessing mime-types of files with leading dash
  [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances
  Use constant time comparison in UriSigner

src/Symfony/Component/Cache/Adapter/TagAwareAdapter.php

@@ -286,6 +286,16 @@ class TagAwareAdapter implements TagAwareAdapterInterface, TagAwareCacheInterfac
         return $this->invalidateTags([]);
     }
 
+    public function __sleep()
+    {
+        throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
+    }
+
+    public function __wakeup()
+    {
+        throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+    }
+
     public function __destruct()
     {
         $this->commit();

src/Symfony/Component/Cache/Traits/AbstractAdapterTrait.php

@@ -108,6 +108,16 @@ trait AbstractAdapterTrait
         return true;
     }
 
+    public function __sleep()
+    {
+        throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
+    }
+
+    public function __wakeup()
+    {
+        throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+    }
+
     public function __destruct()
     {
         if ($this->deferred) {

src/Symfony/Component/HttpFoundation/File/MimeType/FileBinaryMimeTypeGuesser.php

@@ -36,7 +36,7 @@ class FileBinaryMimeTypeGuesser implements MimeTypeGuesserInterface
      *
      * @param string $cmd The command to run to get the mime type of a file
      */
-    public function __construct(string $cmd = 'file -b --mime %s 2>/dev/null')
+    public function __construct(string $cmd = 'file -b --mime -- %s 2>/dev/null')
     {
         $this->cmd = $cmd;
     }
@@ -85,7 +85,7 @@ class FileBinaryMimeTypeGuesser implements MimeTypeGuesserInterface
         ob_start();
 
         // need to use --mime instead of -i. see #6641
-        passthru(sprintf($this->cmd, escapeshellarg($path)), $return);
+        passthru(sprintf($this->cmd, escapeshellarg((0 === strpos($path, '-') ? './' : '').$path)), $return);
         if ($return > 0) {
             ob_end_clean();
 

src/Symfony/Component/HttpFoundation/Tests/File/MimeType/MimeTypeTest.php

@@ -21,6 +21,17 @@ use Symfony\Component\HttpFoundation\File\MimeType\MimeTypeGuesser;
  */
 class MimeTypeTest extends TestCase
 {
+    public function testGuessWithLeadingDash()
+    {
+        $cwd = getcwd();
+        chdir(__DIR__.'/../Fixtures');
+        try {
+            $this->assertEquals('image/gif', MimeTypeGuesser::getInstance()->guess('-test'));
+        } finally {
+            chdir($cwd);
+        }
+    }
+
     public function testGuessImageWithoutExtension()
     {
         $this->assertEquals('image/gif', MimeTypeGuesser::getInstance()->guess(__DIR__.'/../Fixtures/test'));

src/Symfony/Component/HttpKernel/UriSigner.php

@@ -79,7 +79,7 @@ class UriSigner
         $hash = $params[$this->parameter];
         unset($params[$this->parameter]);
 
-        return $this->computeHash($this->buildUrl($url, $params)) === $hash;
+        return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);
     }
 
     private function computeHash($uri)