From b2ce794bf0e3335ac34db14c0e172f16b669b571 Mon Sep 17 00:00:00 2001
From: Tim Otten
Date: Mon, 28 Oct 2019 18:53:03 -0700
Subject: [PATCH] CRM_Utils_String::unserialize() - Add wrapper for parsing safe exprs (int/string/array/etc)

---
 tests/phpunit/CRM/Utils/StringTest.php | 40 ++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/tests/phpunit/CRM/Utils/StringTest.php b/tests/phpunit/CRM/Utils/StringTest.php
index b407f855fc..76dd0ba51f 100644
--- a/tests/phpunit/CRM/Utils/StringTest.php
+++ b/tests/phpunit/CRM/Utils/StringTest.php
@@ -371,4 +371,44 @@ class CRM_Utils_StringTest extends CiviUnitTestCase {
 $this->assertEquals($expectedString, CRM_Utils_String::purifyHTML($testString));
 }

+ public function getGoodSerializeExamples() {
+ $strs = [];
+
+ $strs[] = ['a:1:{s:1:"a";s:1:"b";}'];
+ $strs[] = ['d:1.2;'];
+ $strs[] = ['s:3:"abc";'];
+ $strs[] = ['N;'];
+ $strs[] = ['a:7:{i:0;N;i:1;s:3:"abc";i:2;i:1;i:3;d:2.3;i:4;b:1;i:5;b:0;i:6;i:0;}'];
+
+ return $strs;
+ }
+
+ /**
+ * @param string $str
+ * A safe serialized value.
+ * @dataProvider getGoodSerializeExamples
+ */
+ public function testGoodSerialize($str) {
+ $this->assertEquals(unserialize($str), CRM_Utils_String::unserialize($str));
+ }
+
+ public function getBadSerializeExamples() {
+ $strs = [];
+
+ $strs[] = ['O:8:"stdClass":0:{}'];
+ $strs[] = ['O:9:"Exception":7:{s:10:"*message";s:3:"abc";s:17:"Exceptionstring";s:0:"";s:7:"*code";i:0;s:7:"*file";s:17:"Command line code";s:7:"*line";i:1;s:16:"Exceptiontrace";a:0:{}s:19:"Exceptionprevious";N;}'];
+
+ return $strs;
+ }
+
+ /**
+ * @param string $str
+ * An unsafe serialized value.
+ * @dataProvider getBadSerializeExamples
+ * @expectedException \Exception
+ */
+ public function testBadSerializeExamples($str) {
+ CRM_Utils_String::unserialize($str);
+ }
+
 }
--
2.25.1
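Review bot: getBadSerializeExamples() only places an object at the top level of the payload, so a wrapper that inspected just the leading `O:` token would pass both bad cases while still instantiating an object nested inside an array. Add a nested case such as `$strs[] = ['a:1:{i:0;O:8:"stdClass":0:{}}'];` (constructed sample) and, if the wrapper is meant to reject it, a `C:`-form payload as well. The `Exception` example as shown has declared lengths (`s:10:"*message"`) longer than the visible names, which suggests the NUL bytes around `*` were lost; if they are also missing in the file, that case fails as malformed input rather than because it carries an object. In testGoodSerialize(), `assertEquals` compares loosely, so `N;` would still pass if the wrapper returned `FALSE`; `assertSame` pins the type. The implementation of CRM_Utils_String::unserialize() is not in this patch, so how it handles these inputs cannot be confirmed from here.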