Merge branch '2.3' into 2.4

* 2.3:
  [Console]Improve formatter for double-width character
  Lower mbstring dep, remove it for Yaml and CssSelector components
  [Security] Add check for supported attributes in AclVoter
  [Form] Fixed TrimListenerTest as of PHP 5.5
  Added more IDE links
  [DependencyInjection] Fix parameter description in ConfigurationExtensionInterface
  [Finder] fixed typehint of the Finder::addAdapter() method
  [TwigBridge][Transchoice] set %count% from the current context.
  [DependencyInjection] Fix travis unit tests
  Update PHPUnit before run
  [Validator] fixed wrong test
  [WebProfilerBundle] added test case for #10773
  [WebProfilerBundle] fixed profiler homepage, fixed #10806
  [WebProfilerBundle] Added test case for #10806
  changed travis to run on the nightly builds of HHVM until everything gets stable
  Fixed issue #5427
  Allow URLs that don't contain a path

Conflicts:
	.travis.yml

Author: fabpot

Acl/Tests/Voter/AclVoterTest.php

@@ -27,7 +27,7 @@ class AclVoterTest extends \PHPUnit_Framework_TestCase
      */
     public function testSupportsAttribute($attribute, $supported)
     {
-        list($voter,, $permissionMap,,) = $this->getVoter();
+        list($voter,, $permissionMap,,) = $this->getVoter(true, false);
 
         $permissionMap
             ->expects($this->once())
@@ -39,6 +39,16 @@ public function testSupportsAttribute($attribute, $supported)
         $this->assertSame($supported, $voter->supportsAttribute($attribute));
     }
 
+    /**
+     * @dataProvider getSupportsAttributeNonStringTests
+     */
+    public function testSupportsAttributeNonString($attribute)
+    {
+        list($voter,,,,,) = $this->getVoter(true, false);
+
+        $this->assertFalse($voter->supportsAttribute($attribute));
+    }
+
     public function getSupportsAttributeTests()
     {
         return array(
@@ -47,6 +57,16 @@ public function getSupportsAttributeTests()
         );
     }
 
+    public function getSupportsAttributeNonStringTests()
+    {
+        return array(
+            array(new \stdClass()),
+            array(1),
+            array(true),
+            array(array()),
+        );
+    }
+
     /**
      * @dataProvider getSupportsClassTests
      */
@@ -387,13 +407,20 @@ protected function getToken()
         return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
     }
 
-    protected function getVoter($allowIfObjectIdentityUnavailable = true)
+    protected function getVoter($allowIfObjectIdentityUnavailable = true, $alwaysContains = true)
     {
         $provider = $this->getMock('Symfony\Component\Security\Acl\Model\AclProviderInterface');
         $permissionMap = $this->getMock('Symfony\Component\Security\Acl\Permission\PermissionMapInterface');
         $oidStrategy = $this->getMock('Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface');
         $sidStrategy = $this->getMock('Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface');
 
+        if ($alwaysContains) {
+            $permissionMap
+                ->expects($this->any())
+                ->method('contains')
+                ->will($this->returnValue(true));
+        }
+
         return array(
             new AclVoter($provider, $oidStrategy, $sidStrategy, $permissionMap, null, $allowIfObjectIdentityUnavailable),
             $provider,

Acl/Voter/AclVoter.php

@@ -48,12 +48,16 @@ public function __construct(AclProviderInterface $aclProvider, ObjectIdentityRet
 
     public function supportsAttribute($attribute)
     {
-        return $this->permissionMap->contains($attribute);
+        return is_string($attribute) && $this->permissionMap->contains($attribute);
     }
 
     public function vote(TokenInterface $token, $object, array $attributes)
     {
         foreach ($attributes as $attribute) {
+            if (!$this->supportsAttribute($attribute)) {
+                continue;
+            }
+
             if (null === $masks = $this->permissionMap->getMasks($attribute, $object)) {
                 continue;
             }