Merge "Message: Throw if given invalid serialized data"

author jenkins-bot <jenkins-bot@gerrit.wikimedia.org>

Sat, 1 Dec 2018 10:50:18 +0000 (10:50 +0000)

committer Gerrit Code Review <gerrit@wikimedia.org>

Sat, 1 Dec 2018 10:50:18 +0000 (10:50 +0000)
author jenkins-bot <jenkins-bot@gerrit.wikimedia.org>
Sat, 1 Dec 2018 10:50:18 +0000 (10:50 +0000)
committer Gerrit Code Review <gerrit@wikimedia.org>
Sat, 1 Dec 2018 10:50:18 +0000 (10:50 +0000)
diff --git a/includes/Message.php b/includes/Message.php

index f9d1cce..15d9786 100644 (file)
--- a/includes/Message.php
+++ b/includes/Message.php
@@ -301,6 +301,10 @@ class Message implements MessageSpecifier, Serializable {
          */
         public function unserialize( $serialized ) {
                 $data = unserialize( $serialized );
+               if ( !is_array( $data ) ) {
+                       throw new InvalidArgumentException( __METHOD__ . ': Invalid serialized data' );
+               }
+
                 $this->interface = $data['interface'];
                 $this->key = $data['key'];
                 $this->keysToTry = $data['keysToTry'];
author	jenkins-bot <jenkins-bot@gerrit.wikimedia.org>
	Sat, 1 Dec 2018 10:50:18 +0000 (10:50 +0000)
committer	Gerrit Code Review <gerrit@wikimedia.org>
	Sat, 1 Dec 2018 10:50:18 +0000 (10:50 +0000)