Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 8e4cf49

Browse filesBrowse files
dbrekelmanschalasr
dbrekelmans
authored and
chalasr
committed
[Security] Check UserInterface::getPassword is not null before calling needsRehash
1 parent 70dec3c commit 8e4cf49
Copy full SHA for 8e4cf49

File tree

1 file changed

+4
-0
lines changed
Filter options

1 file changed

+4
-0
lines changed

‎src/Symfony/Component/Security/Core/Encoder/UserPasswordEncoder.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Encoder/UserPasswordEncoder.php
+4Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,10 @@ public function isPasswordValid(UserInterface $user, $raw)
5656
*/
5757
public function needsRehash(UserInterface $user): bool
5858
{
59+
if (null === $user->getPassword()) {
60+
return false;
61+
}
62+
5963
$encoder = $this->encoderFactory->getEncoder($user);
6064

6165
return method_exists($encoder, 'needsRehash') && $encoder->needsRehash($user->getPassword());

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.