From 07402f4af3a6b8eba7c48edf2a09bc715e1efe75 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Deruss=C3=A9?=
Date: Sat, 12 Dec 2020 17:30:27 +0100
Subject: [PATCH] Dont allow unserializing classes with a destructor - 5.1
---
 .../Component/HttpClient/Response/AmpResponse.php | 10 ++++++++++
 .../Bridge/AmazonSqs/Transport/Connection.php | 10 ++++++++++
 src/Symfony/Component/String/UnicodeString.php | 4 ++++
 3 files changed, 24 insertions(+)
diff --git a/src/Symfony/Component/HttpClient/Response/AmpResponse.php b/src/Symfony/Component/HttpClient/Response/AmpResponse.php
index 7f6c3c208f..46dffe118d 100644
--- a/src/Symfony/Component/HttpClient/Response/AmpResponse.php
+++ b/src/Symfony/Component/HttpClient/Response/AmpResponse.php
@@ -109,6 +109,16 @@ final class AmpResponse implements ResponseInterface
 return null !== $type ? $this->info[$type] ?? null : $this->info;
 }
+ public function __sleep()
+ {
+ throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
+ }
+
+ public function __wakeup()
+ {
+ throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+ }
+
 public function __destruct()
 {
 try {
diff --git a/src/Symfony/Component/Messenger/Bridge/AmazonSqs/Transport/Connection.php b/src/Symfony/Component/Messenger/Bridge/AmazonSqs/Transport/Connection.php
index 96f8d17eb2..83102668ae 100644
--- a/src/Symfony/Component/Messenger/Bridge/AmazonSqs/Transport/Connection.php
+++ b/src/Symfony/Component/Messenger/Bridge/AmazonSqs/Transport/Connection.php
@@ -63,6 +63,16 @@ class Connection
 $this->client = $client ?? new SqsClient([]);
 }
+ public function __sleep()
+ {
+ throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
+ }
+
+ public function __wakeup()
+ {
+ throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+ }
+
 public function __destruct()
 {
 $this->reset();
diff --git a/src/Symfony/Component/String/UnicodeString.php b/src/Symfony/Component/String/UnicodeString.php
index 2db507d7bb..9b906c6fc2 100644
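Review bot: The new `__sleep()`/`__wakeup()` guards in HttpClient/Response/AmpResponse.php carry no comment saying why they exist, and the diffstat lists only three source files, so no regression test accompanies them; the same applies to the identical pair added to AmazonSqs/Transport/Connection.php. Without that context a later cleanup could remove them as dead code and re-expose `__destruct()` to instances built from untrusted serialized data. I would add above `__sleep()` a comment such as `// Serialization is blocked on purpose: an unserialized instance would reach __destruct() with properties chosen by whoever supplied the payload.` and a test asserting that `unserialize()` of a payload naming each class throws `\BadMethodCallException`. `__destruct()` continues past the end of the hunk, so what it does with those properties is not visible here.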
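Review bot: In AmazonSqs/Transport/Connection.php the guards build their message from `__CLASS__`, and the hunk header shows `class Connection` without `final`, so for a subclass the exception names the parent rather than the class found in the payload. `static::class` reports the class actually being handled: `throw new \BadMethodCallException('Cannot unserialize '.static::class);` (and likewise in `__sleep()`). A subclass that overrides `__wakeup()` would also drop the guard silently, so a docblock line stating that overrides must keep throwing is worth adding. The constructor and `__destruct()` are only partly inside the hunk.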
--- a/src/Symfony/Component/String/UnicodeString.php
+++ b/src/Symfony/Component/String/UnicodeString.php
@@ -359,6 +359,10 @@ class UnicodeString extends AbstractUnicodeString
 public function __wakeup()
 {
+ if (!\is_string($this->string)) {
+ throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
+ }
+
 normalizer_is_normalized($this->string) ?: $this->string = normalizer_normalize($this->string);
 }
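Review bot: The `\is_string()` check in `__wakeup()` validates the type only, and the unchanged last statement can still leave `$this->string` non-string: `normalizer_normalize()` returns `false` when its input is not valid UTF-8, and that result is assigned unconditionally. A payload holding an ill-formed byte string therefore passes the new guard and yields an object whose `string` property is `false`. Rejecting that case keeps the invariant the guard is meant to enforce, e.g. `if (!normalizer_is_normalized($this->string) && false === ($this->string = normalizer_normalize($this->string))) { throw new \BadMethodCallException('Cannot unserialize '.__CLASS__); }`. A one-line comment on the `\is_string()` check saying that it stops a non-string value from reaching the normalizer calls would also help the next reader.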