symfony
diff --git a/‎src/Symfony/Component/Security/Http/RememberMe/PersistentRememberMeHandler.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/RememberMe/PersistentRememberMeHandler.php
+6-1Lines changed: 6 additions & 1 deletion b/‎src/Symfony/Component/Security/Http/RememberMe/PersistentRememberMeHandler.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/RememberMe/PersistentRememberMeHandler.php
+6-1Lines changed: 6 additions & 1 deletion
diff --git a/‎src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentRememberMeHandlerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentRememberMeHandlerTest.php
+16Lines changed: 16 additions & 0 deletions b/‎src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentRememberMeHandlerTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentRememberMeHandlerTest.php
+16Lines changed: 16 additions & 0 deletions
@@ -160,7 +160,12 @@ public function clearRememberMeCookie(): void
             return;
         }
 
-        $rememberMeDetails = RememberMeDetails::fromRawCookie($cookie);
+        try {
+            $rememberMeDetails = RememberMeDetails::fromRawCookie($cookie);
+        } catch (AuthenticationException) {
+            // malformed cookie should not fail the response and can be simply ignored
+            return;
+        }
         [$series] = explode(':', $rememberMeDetails->getValue());
         $this->tokenProvider->deleteTokenBySeries($series);
     }
 
@@ -74,6 +74,22 @@ public function testClearRememberMeCookie()
         $this->assertNull($cookie->getValue());
     }
 
+    public function testClearRememberMeCookieMalformedCookie()
+    {
+        $this->tokenProvider->expects($this->exactly(0))
+            ->method('deleteTokenBySeries');
+
+        $this->request->cookies->set('REMEMBERME', 'malformed');
+
+        $this->handler->clearRememberMeCookie();
+
+        $this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));
+
+        /** @var Cookie $cookie */
+        $cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
+        $this->assertNull($cookie->getValue());
+    }
+
     public function testConsumeRememberMeCookieValid()
     {
         $this->tokenProvider->expects($this->any())
Original file line number	Diff line number	Diff line change
`@@ -160,7 +160,12 @@ public function clearRememberMeCookie(): void`
`160`	`160`	`return;`
`161`	`161`	`}`
`162`	`162`
`163`		`- $rememberMeDetails = RememberMeDetails::fromRawCookie($cookie);`
	`163`	`+ try {`
	`164`	`+ $rememberMeDetails = RememberMeDetails::fromRawCookie($cookie);`
	`165`	`+ } catch (AuthenticationException) {`
	`166`	`+ // malformed cookie should not fail the response and can be simply ignored`
	`167`	`+ return;`
	`168`	`+ }`
`164`	`169`	`[$series] = explode(':', $rememberMeDetails->getValue());`
`165`	`170`	`$this->tokenProvider->deleteTokenBySeries($series);`
`166`	`171`	`}`