Dont allow unserializing classes with a destructor - 5.2
This commit is contained in:
parent
6caf916083
commit
98601908bb
@ -127,6 +127,16 @@ trait CommonResponseTrait
|
||||
return $stream;
|
||||
}
|
||||
|
||||
public function __sleep()
|
||||
{
|
||||
throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
|
||||
}
|
||||
|
||||
public function __wakeup()
|
||||
{
|
||||
throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
|
||||
}
|
||||
|
||||
/**
|
||||
* Closes the response and all its network handles.
|
||||
*/
|
||||
|
@ -44,6 +44,16 @@ class TraceableResponse implements ResponseInterface, StreamableInterface
|
||||
$this->event = $event;
|
||||
}
|
||||
|
||||
public function __sleep()
|
||||
{
|
||||
throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
|
||||
}
|
||||
|
||||
public function __wakeup()
|
||||
{
|
||||
throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
|
||||
}
|
||||
|
||||
public function __destruct()
|
||||
{
|
||||
try {
|
||||
|
@ -104,6 +104,10 @@ final class TokenBucket implements LimiterStateInterface
|
||||
*/
|
||||
public function __wakeup(): void
|
||||
{
|
||||
if (!\is_string($this->stringRate)) {
|
||||
throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
|
||||
}
|
||||
|
||||
$this->rate = Rate::fromString($this->stringRate);
|
||||
unset($this->stringRate);
|
||||
}
|
||||
|
Reference in New Issue
Block a user