mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-19 06:18:28 +01:00
Code Issues Projects Releases Wiki Activity

MDL-78647 files: safer unserializing of file reference data.

Browse Source
This commit is contained in:
Paul Holden 2023-07-05 00:00:59 +01:00 committed by Jenkins
parent cfe33b82e3
commit a11938293e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/filestorage/file_storage.php
View File

@ -1957,7 +1957,7 @@ class file_storage {
if ($decoded === false) {
throw new file_reference_exception(null, $str, null, null, 'Invalid base64 format');
}
$params = @unserialize($decoded); // hide E_NOTICE
$params = unserialize_array($decoded);
if ($params === false) {
throw new file_reference_exception(null, $decoded, null, null, 'Not an unserializeable value');
}