From e1dbd65aff6b1d0e7ec01d09de62fcdbb1c8a785 Mon Sep 17 00:00:00 2001
From: Jordi Boggiano <j.boggiano@seld.be>
Date: Wed, 27 Oct 2021 11:16:24 +0200
Subject: [PATCH] Fix bin proxies to use output buffering instead of the eval
 hack, as the __FILE__ and __DIR__ replacement is not safe when done in
 strings/nowdocs/..

---
 src/Composer/Installer/BinaryInstaller.php | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/Composer/Installer/BinaryInstaller.php b/src/Composer/Installer/BinaryInstaller.php
index 19a48eada..14331c597 100644
--- a/src/Composer/Installer/BinaryInstaller.php
+++ b/src/Composer/Installer/BinaryInstaller.php
@@ -271,21 +271,27 @@ class BinaryInstaller
 /**
  * Proxy PHP file generated by Composer
  *
- * This file includes the referenced bin path ($binPath) using eval to remove the shebang if present
+ * This file includes the referenced bin path ($binPath) using ob_start to remove the shebang if present
+ * to prevent the shebang from being output on PHP<8
  *
  * @generated
  */
 
 \$binPath = realpath(__DIR__ . "/" . $binPathExported);
+
+if (PHP_VERSION_ID >= 80000) {
+    include \$binPath;
+    exit(0);
+}
+
 \$contents = file_get_contents(\$binPath);
 \$contents = preg_replace('{^#!/.+\\r?\\n<\\?(php)?}', '', \$contents, 1, \$replaced);
 if (\$replaced) {
-    \$contents = strtr(\$contents, array(
-        '__FILE__' => var_export(\$binPath, true),
-        '__DIR__' => var_export(dirname(\$binPath), true),
-    ));
+    ob_start(function (\$buffer, \$phase) {
+        return (PHP_OUTPUT_HANDLER_START & \$phase) && '#!' === substr(\$buffer, 0, 2) ? '' : \$buffer;
+    }, 1);
 
-    eval(\$contents);
+    include \$binPath;
     exit(0);
 }
 include \$binPath;