Giters

composer / composer

Dependency Manager for PHP

Home Page:https://getcomposer.org/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

TypeError with numeric environment variable

desmana opened this issue · comments

commented

To reproduce:

  1. Start a shell inside the official composer Docker container.
  2. Unset COMPOSER_HOME to enable XDG check in code. This is not strictly necessary, but needed because COMPOSER_HOME is set by default in docker image.
  3. Set an arbitrary environment variable named using only numbers.
  4. Run composer.

This is the command:

env -u COMPOSER_HOME 1=1 composer

Here is the resulting output:

Fatal error: Uncaught TypeError: strpos(): Argument #1 ($haystack) must be of type string, int given in phar:///usr/bin/composer/src/Composer/Factory.php:684
Stack trace:
#0 phar:///usr/bin/composer/src/Composer/Factory.php(684): strpos(1, 'XDG_')
#1 phar:///usr/bin/composer/src/Composer/Factory.php(76): Composer\Factory::useXdg()
#2 phar:///usr/bin/composer/src/Composer/Factory.php(172): Composer\Factory::getHomeDir()
#3 phar:///usr/bin/composer/src/Composer/Factory.php(466): Composer\Factory::createConfig(Object(Composer\IO\ConsoleIO))
#4 phar:///usr/bin/composer/src/Composer/Console/Application.php(647): Composer\Factory::createGlobal(Object(Composer\IO\ConsoleIO), false, false)
#5 phar:///usr/bin/composer/src/Composer/Console/Application.php(267): Composer\Console\Application->getPluginCommands()
#6 phar:///usr/bin/composer/vendor/symfony/console/Application.php(171): Composer\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#7 phar:///usr/bin/composer/src/Composer/Console/Application.php(145): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#8 phar:///usr/bin/composer/bin/composer(93): Composer\Console\Application->run()
#9 /usr/bin/composer(29): require('phar:///usr/bin...')
#10 {main}
  thrown in phar:///usr/bin/composer/src/Composer/Factory.php on line 684

Relevant code is located here. Here strpos($key, 'XDG_') is used to filter XDG variables. $key comes in as an integer directly from the $_SERVER array and fails type check.