From 440053bf4fac730d05676e075f11a0a0f28302f2 Mon Sep 17 00:00:00 2001
From: Bradley <bg@pcmsystems.co.uk>
Date: Thu, 11 Jan 2024 16:50:48 +0000
Subject: [PATCH] Throw more specific exception if an svg file's contents is
 invalid svg code

---
 src/Twig/Runtime/IconRuntime.php       | 16 ++++++++++++++++
 tests/Twig/Runtime/IconRuntimeTest.php |  7 +++++++
 2 files changed, 23 insertions(+)

diff --git a/src/Twig/Runtime/IconRuntime.php b/src/Twig/Runtime/IconRuntime.php
index 086f844..a4e906b 100644
--- a/src/Twig/Runtime/IconRuntime.php
+++ b/src/Twig/Runtime/IconRuntime.php
@@ -7,6 +7,7 @@ namespace Pcm\IconBundle\Twig\Runtime;
 use Pcm\IconBundle\Exception\ColourNotFound;
 use Pcm\IconBundle\Exception\EmptyFileException;
 use Pcm\IconBundle\Exception\IconNotFound;
+use Pcm\IconBundle\Exception\InvalidSvgException;
 use Twig\Extension\RuntimeExtensionInterface;
 
 final class IconRuntime implements RuntimeExtensionInterface
@@ -49,6 +50,10 @@ final class IconRuntime implements RuntimeExtensionInterface
             throw new EmptyFileException(\sprintf("The file %s.svg was found, but it was empty!", $options['icon']));
         }
 
+        if (!$this->isValidXml($svg)) {
+            throw new InvalidSvgException(\sprintf("The file %s.svg was found, but it does not contain valid SVG code!", $options['icon']));
+        }
+
         $this->sanitiseSvg($svg);
 
         $colourClasses = $this->getColourClasses($options['colour'], $options['hover']);
@@ -211,4 +216,15 @@ final class IconRuntime implements RuntimeExtensionInterface
 
         $svg = $this->removeXMLDeclaration($svgAsXml->saveXML());
     }
+
+    private function isValidXml(string $input): bool
+    {
+        try {
+            new \SimpleXMLElement($input);
+        } catch (\Exception) {
+            return false;
+        }
+
+        return true;
+    }
 }
diff --git a/tests/Twig/Runtime/IconRuntimeTest.php b/tests/Twig/Runtime/IconRuntimeTest.php
index 9ebfc05..165a845 100644
--- a/tests/Twig/Runtime/IconRuntimeTest.php
+++ b/tests/Twig/Runtime/IconRuntimeTest.php
@@ -8,6 +8,7 @@ use Pcm\IconBundle\DependencyInjection\Configuration;
 use Pcm\IconBundle\Exception\ColourNotFound;
 use Pcm\IconBundle\Exception\EmptyFileException;
 use Pcm\IconBundle\Exception\IconNotFound;
+use Pcm\IconBundle\Exception\InvalidSvgException;
 use Pcm\IconBundle\Twig\Runtime\IconRuntime;
 use PHPUnit\Framework\TestCase;
 
@@ -57,6 +58,12 @@ class IconRuntimeTest extends TestCase
         $this->icon->renderIcon(['icon' => 'empty']);
     }
 
+    public function testThrowsIfContentsIsNotValidSvg(): void
+    {
+        $this->expectException(InvalidSvgException::class);
+        $this->icon->renderIcon(['icon' => 'invalid']);
+    }
+
     public function testNoTitleExistsIfNotPassedIn(): void
     {
         $content = $this->icon->renderIcon(['icon' => self::ICON]);