From e599a72fc7dfd2cb76dc3412617e513a09cadc4c Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 11 Oct 2015 14:05:15 +0200 Subject: [PATCH] [Yaml] deprecated non-escaped \ in double-quoted strings when parsing --- src/Symfony/Component/Yaml/CHANGELOG.md | 6 ++++++ .../Yaml/Tests/Fixtures/escapedCharacters.yml | 8 ++++++++ src/Symfony/Component/Yaml/Tests/InlineTest.php | 17 +++++++++++++++++ src/Symfony/Component/Yaml/Unescaper.php | 11 +++++++++-- 4 files changed, 40 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/Yaml/CHANGELOG.md b/src/Symfony/Component/Yaml/CHANGELOG.md index 096cf654d8..da735a1d8e 100644 --- a/src/Symfony/Component/Yaml/CHANGELOG.md +++ b/src/Symfony/Component/Yaml/CHANGELOG.md @@ -1,6 +1,12 @@ CHANGELOG ========= +2.8.0 +----- + + * Deprecated non-escaped \ in double-quoted strings when parsing Yaml + ("Foo\Var" is not valid whereas "Foo\\Var" is) + 2.1.0 ----- diff --git a/src/Symfony/Component/Yaml/Tests/Fixtures/escapedCharacters.yml b/src/Symfony/Component/Yaml/Tests/Fixtures/escapedCharacters.yml index 09bf86e790..6ca044c8da 100644 --- a/src/Symfony/Component/Yaml/Tests/Fixtures/escapedCharacters.yml +++ b/src/Symfony/Component/Yaml/Tests/Fixtures/escapedCharacters.yml @@ -145,3 +145,11 @@ php: | array( 'double' => "some value\n \"some quoted string\" and 'some single quotes one'" ) +--- +test: Backslashes +yaml: | + { single: 'foo\Var', no-quotes: foo\Var, double: "foo\\Var" } +php: | + array( + 'single' => 'foo\Var', 'no-quotes' => 'foo\Var', 'double' => 'foo\Var' + ) diff --git a/src/Symfony/Component/Yaml/Tests/InlineTest.php b/src/Symfony/Component/Yaml/Tests/InlineTest.php index 522d77053d..d8d680b281 100644 --- a/src/Symfony/Component/Yaml/Tests/InlineTest.php +++ b/src/Symfony/Component/Yaml/Tests/InlineTest.php @@ -72,6 +72,23 @@ class InlineTest extends \PHPUnit_Framework_TestCase $this->assertSame($value, Inline::parse(Inline::dump($value))); } + /** + * @group legacy + * throws \Symfony\Component\Yaml\Exception\ParseException in 3.0 + */ + public function testParseScalarWithNonEscapedBlackslashShouldThrowException() + { + $this->assertSame('Foo\Var', Inline::parse('"Foo\Var"')); + } + + /** + * @expectedException \Symfony\Component\Yaml\Exception\ParseException + */ + public function testParseScalarWithNonEscapedBlackslashAtTheEndShouldThrowException() + { + Inline::parse('"Foo\\"'); + } + /** * @expectedException \Symfony\Component\Yaml\Exception\ParseException */ diff --git a/src/Symfony/Component/Yaml/Unescaper.php b/src/Symfony/Component/Yaml/Unescaper.php index 1b5e5ec2dc..e5eaab0e17 100644 --- a/src/Symfony/Component/Yaml/Unescaper.php +++ b/src/Symfony/Component/Yaml/Unescaper.php @@ -32,7 +32,7 @@ class Unescaper /** * Regex fragment that matches an escaped character in a double quoted string. */ - const REGEX_ESCAPED_CHARACTER = "\\\\([0abt\tnvfre \\\"\\/\\\\N_LP]|x[0-9a-fA-F]{2}|u[0-9a-fA-F]{4}|U[0-9a-fA-F]{8})"; + const REGEX_ESCAPED_CHARACTER = "\\\\(x[0-9a-fA-F]{2}|u[0-9a-fA-F]{4}|U[0-9a-fA-F]{8}|.)"; /** * Unescapes a single quoted string. @@ -70,10 +70,13 @@ class Unescaper * @param string $value An escaped character * * @return string The unescaped character + * + * @internal This method is public to be usable as callback. It should not + * be used in user code. Should be changed in 3.0. */ public function unescapeCharacter($value) { - switch ($value{1}) { + switch ($value[1]) { case '0': return "\x0"; case 'a': @@ -120,6 +123,10 @@ class Unescaper return self::utf8chr(hexdec(substr($value, 2, 4))); case 'U': return self::utf8chr(hexdec(substr($value, 2, 8))); + default: + @trigger_error('Not escaping a backslash in a double-quoted string is deprecated since Symfony 2.8 and will throw a ParseException in 3.0.', E_USER_DEPRECATED); + + return $value; } }