Commit 72c887b8 authored by alexpott's avatar alexpott

Issue #2213671 by jhedstrom, richardcanoe, andypost, david_garcia, Antonnavi,...

Issue #2213671 by jhedstrom, richardcanoe, andypost, david_garcia, Antonnavi, dagmar, aleevas, dawehner, alexpott: Log completely unusable when an entry has corrupt serialized data
parent 7f5305b0
......@@ -343,14 +343,18 @@ protected function buildFilterQuery() {
*/
public function formatMessage($row) {
// Check for required properties.
if (isset($row->message) && isset($row->variables)) {
if (isset($row->message, $row->variables)) {
$variables = @unserialize($row->variables);
// Messages without variables or user specified text.
if ($row->variables === 'N;') {
if ($variables === NULL) {
$message = Xss::filterAdmin($row->message);
}
elseif (!is_array($variables)) {
$message = $this->t('Log data is corrupted and cannot be unserialized: @message', ['@message' => Xss::filterAdmin($row->message)]);
}
// Message to translate with injected variables.
else {
$message = $this->t(Xss::filterAdmin($row->message), unserialize($row->variables));
$message = $this->t(Xss::filterAdmin($row->message), $variables);
}
}
else {
......
<?php
namespace Drupal\Tests\dblog\Kernel;
use Drupal\dblog\Controller\DbLogController;
use Drupal\KernelTests\KernelTestBase;
/**
* Tests for the DbLogController class.
*
* @group dblog
*/
class DbLogControllerTest extends KernelTestBase {
/**
* {@inheritdoc}
*/
public static $modules = ['dblog', 'user'];
/**
* Tests corrupted log entries can still display available data.
*/
public function testDbLogCorrupted() {
$this->installEntitySchema('user');
$dblog_controller = DbLogController::create($this->container);
// Check message with properly serialized data.
$message = (object) [
'message' => 'Sample message with placeholder: @placeholder',
'variables' => serialize(['@placeholder' => 'test placeholder']),
];
$this->assertEquals('Sample message with placeholder: test placeholder', $dblog_controller->formatMessage($message));
// Check that controller work with corrupted data.
$message->variables = 'BAD SERIALIZED DATA';
$formatted = $dblog_controller->formatMessage($message);
$this->assertEquals('Log data is corrupted and cannot be unserialized: Sample message with placeholder: @placeholder', $formatted);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment