Merge branch '1.9.4.x' into first_release_builder_workflow

OpenMage · Dec 14, 2022 · 5e695d2 · 5e695d2
2 parents cdcf5b9 + e726410
commit 5e695d2
Show file tree

Hide file tree

Showing 6 changed files with 19 additions and 70 deletions.
diff --git a/app/code/core/Mage/Captcha/Model/Zend.php b/app/code/core/Mage/Captcha/Model/Zend.php
@@ -448,11 +448,14 @@ protected function _getTargetForms()
     /**
      * Get captcha word
      *
-     * @return string
+     * @return string|null
      */
     public function getWord()
     {
         $sessionData = $this->getSession()->getData($this->_getFormIdKey(self::SESSION_WORD));
+        if (!is_array($sessionData)) {
+            return null;
+        }
         return time() < $sessionData['expires'] ? $sessionData['data'] : null;
     }
 

diff --git a/composer.json b/composer.json
@@ -36,7 +36,7 @@
     "magento-ecg/coding-standard": "^4.5",
     "phpcompatibility/php-compatibility": "^9.3",
     "phpmd/phpmd": "^2.13",
-    "phpstan/phpstan": "^1.9.2",
+    "phpstan/phpstan": "^1.9.3",
     "phpunit/phpunit": "^9.5",
     "squizlabs/php_codesniffer": "^3.7"
   },

diff --git a/composer.lock b/composer.lock
diff --git a/lib/Magento/Db/Adapter/Pdo/Mysql.php b/lib/Magento/Db/Adapter/Pdo/Mysql.php
@@ -113,7 +113,10 @@ protected function _quote($value)
             $value = $this->_convertFloat($value);
             return $value;
         }
-
+        // Fix for null-byte injection
+        if (is_string($value)) {
+            $value = addcslashes($value, "\000\032");
+        }
         return parent::_quote($value);
     }
 

diff --git a/lib/Zend/Db/Adapter/Pdo/Abstract.php b/lib/Zend/Db/Adapter/Pdo/Abstract.php
@@ -292,10 +292,8 @@ protected function _quote($value)
         if (is_int($value) || is_float($value)) {
             return $value;
         }
-        // Fix for null-byte injection
-        $value = addcslashes($value, "\000\032");
         $this->_connect();
-        return $this->_connection->quote($value);
+        return $this->_connection->quote((string) $value);
     }
 
     /**

diff --git a/phpstan.dist.baseline.neon b/phpstan.dist.baseline.neon
@@ -1085,11 +1085,6 @@ parameters:
 			count: 1
 			path: app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Shipping/Address.php
 
-		-
-			message: "#^Variable \\$button might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Sidebar.php
-
 		-
 			message: "#^If condition is always true\\.$#"
 			count: 1
@@ -3235,21 +3230,6 @@ parameters:
 			count: 1
 			path: app/code/core/Mage/Bundle/Model/Resource/Price/Index.php
 
-		-
-			message: "#^Variable \\$priceCond might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Bundle/Model/Resource/Price/Index.php
-
-		-
-			message: "#^Variable \\$priceTypeCond might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Bundle/Model/Resource/Price/Index.php
-
-		-
-			message: "#^Variable \\$valueIdCond might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Bundle/Model/Resource/Price/Index.php
-
 		-
 			message: "#^Variable \\$_items might not be defined\\.$#"
 			count: 1
@@ -5315,16 +5295,6 @@ parameters:
 			count: 1
 			path: app/code/core/Mage/Catalog/Model/Resource/Url.php
 
-		-
-			message: "#^Variable \\$rootCategoryPath might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Catalog/Model/Resource/Url.php
-
-		-
-			message: "#^Variable \\$rootCategoryPathLength might not be defined\\.$#"
-			count: 2
-			path: app/code/core/Mage/Catalog/Model/Resource/Url.php
-
 		-
 			message: "#^Call to function is_null\\(\\) with Mage_Catalog_Model_Resource_Url will always evaluate to false\\.$#"
 			count: 1
@@ -6300,11 +6270,6 @@ parameters:
 			count: 1
 			path: app/code/core/Mage/Checkout/Model/Type/Onepage.php
 
-		-
-			message: "#^Variable \\$customerRequest might not be defined\\.$#"
-			count: 2
-			path: app/code/core/Mage/Checkout/Model/Type/Onepage.php
-
 		-
 			message: "#^Comparison operation \"\\=\\=\" between 0\\|0\\.0\\|array\\|string\\|false\\|null and 0 results in an error\\.$#"
 			count: 1
@@ -11000,11 +10965,6 @@ parameters:
 			count: 2
 			path: app/code/core/Mage/Paypal/Model/Express/Checkout.php
 
-		-
-			message: "#^Variable \\$address might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Paypal/Model/Express/Checkout.php
-
 		-
 			message: "#^Variable \\$shippingAddress might not be defined\\.$#"
 			count: 1
@@ -13010,16 +12970,6 @@ parameters:
 			count: 1
 			path: app/code/core/Mage/Sales/Model/Order/Pdf/Abstract.php
 
-		-
-			message: "#^Variable \\$shippingAddress might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Sales/Model/Order/Pdf/Abstract.php
-
-		-
-			message: "#^Variable \\$shippingMethod might not be defined\\.$#"
-			count: 1
-			path: app/code/core/Mage/Sales/Model/Order/Pdf/Abstract.php
-
 		-
 			message: "#^Parameter \\#1 \\$object of method Mage_Sales_Model_Order_Pdf_Abstract\\:\\:_setFontBold\\(\\) expects Zend_Pdf_Page, Zend_Pdf_Style given\\.$#"
 			count: 1
@@ -15580,11 +15530,6 @@ parameters:
 			count: 1
 			path: get.php
 
-		-
-			message: "#^Variable \\$relativeFilename might not be defined\\.$#"
-			count: 4
-			path: get.php
-
 		-
 			message: "#^Comparison operation \"\\>\\=\" between int\\<0, max\\> and 0 is always true\\.$#"
 			count: 1
@@ -16167,7 +16112,7 @@ parameters:
 
 		-
 			message: "#^Variable \\$result might not be defined\\.$#"
-			count: 4
+			count: 3
 			path: lib/Varien/Db/Adapter/Pdo/Mysql.php
 
 		-
@@ -16597,7 +16542,7 @@ parameters:
 
 		-
 			message: "#^Cannot call method hasData\\(\\) on array\\|\\(callable\\)\\|object\\.$#"
-			count: 2
+			count: 1
 			path: lib/Varien/Object/Mapper.php
 
 		-