Skip to content

Commit 929ab73

Browse files
MatTheCatnicolas-grekas
MatTheCat
authored and
nicolas-grekas
committed
[DependencyInjection] Escape parameters before resolving env placeholders
1 parent 35d0549 commit 929ab73

File tree

2 files changed

+17
-2
lines changed

2 files changed

+17
-2
lines changed

ContainerBuilder.php

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -777,7 +777,7 @@ public function compile(bool $resolveEnvPlaceholders = false)
777777

778778
if ($bag instanceof EnvPlaceholderParameterBag) {
779779
if ($resolveEnvPlaceholders) {
780-
$this->parameterBag = new ParameterBag($this->resolveEnvPlaceholders($bag->all(), true));
780+
$this->parameterBag = new ParameterBag($this->resolveEnvPlaceholders($this->escapeParameters($bag->all()), true));
781781
}
782782

783783
$this->envPlaceholders = $bag->getEnvPlaceholders();
@@ -1728,4 +1728,18 @@ private function inVendors(string $path): bool
17281728

17291729
return $this->pathsInVendor[$path] = false;
17301730
}
1731+
1732+
private function escapeParameters(array $parameters): array
1733+
{
1734+
$params = [];
1735+
foreach ($parameters as $k => $v) {
1736+
$params[$k] = match (true) {
1737+
\is_array($v) => $this->escapeParameters($v),
1738+
\is_string($v) => str_replace('%', '%%', $v),
1739+
default => $v,
1740+
};
1741+
}
1742+
1743+
return $params;
1744+
}
17311745
}

Tests/ContainerBuilderTest.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -884,6 +884,7 @@ public function testCompileWithResolveEnv()
884884
$container->setParameter('bar', '%% %env(DUMMY_ENV_VAR)% %env(DUMMY_SERVER_VAR)% %env(HTTP_DUMMY_VAR)%');
885885
$container->setParameter('foo', '%env(FOO)%');
886886
$container->setParameter('baz', '%foo%');
887+
$container->setParameter('qux', '%%quux%%');
887888
$container->setParameter('env(HTTP_DUMMY_VAR)', '123');
888889
$container->register('teatime', 'stdClass')
889890
->setProperty('foo', '%env(DUMMY_ENV_VAR)%')
@@ -1128,7 +1129,7 @@ public function testAddObjectResource()
11281129

11291130
$this->assertCount(1, $resources);
11301131

1131-
/** @var \Symfony\Component\Config\Resource\FileResource $resource */
1132+
/** @var FileResource $resource */
11321133
$resource = end($resources);
11331134

11341135
$this->assertInstanceOf(FileResource::class, $resource);

0 commit comments

Comments
 (0)