From e2f2da74f2fc798aaa6e70a74e111a1953255790 Mon Sep 17 00:00:00 2001 From: Brad Jorsch Date: Wed, 28 Nov 2018 10:25:01 -0500 Subject: [PATCH] Message: Throw if given invalid serialized data Instead of silently winding up with a bogus Message object having most fields invalidly set to null, just throw an exception. Bug: T210528 Change-Id: I79313f8acf3ebb1ef12dac30c362aa10c715f40b --- includes/Message.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/includes/Message.php b/includes/Message.php index 3bd775537f..7dd22c7cea 100644 --- a/includes/Message.php +++ b/includes/Message.php @@ -300,6 +300,10 @@ class Message implements MessageSpecifier, Serializable { */ public function unserialize( $serialized ) { $data = unserialize( $serialized ); + if ( !is_array( $data ) ) { + throw new InvalidArgumentException( __METHOD__ . ': Invalid serialized data' ); + } + $this->interface = $data['interface']; $this->key = $data['key']; $this->keysToTry = $data['keysToTry']; -- 2.20.1