Skip to content

Commit

Permalink
Harden foramttedtextlogger against object injections
Browse files Browse the repository at this point in the history
  • Loading branch information
@SniperSister
SniperSister committed Nov 8, 2024
1 parent 30a64b3 commit 4982fc9
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions libraries/src/Log/Logger/FormattedtextLogger.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,20 @@ public function __destruct()
}
}

/**
* Prevent object injection attacks by suppressing unserialization of instance with deferred rows
*
* @since __DEPLOY_VERSION__
*
* @throws \Exception
*/
public function __wakeup()
{
if ($this->defer && !empty($this->deferredEntries)) {
throw new \RuntimeException('Can not unserialize in defer mode');
}
}

/**
* Method to add an entry to the log.
*
Expand Down

0 comments on commit 4982fc9

Please sign in to comment.