From 1b7650edbe5e5076587e24631ee153b2b87ddfa0 Mon Sep 17 00:00:00 2001
From: rjchow <me@rjchow.com>
Date: Wed, 18 Sep 2024 12:54:20 +1000
Subject: [PATCH] lint 8

---
 .../src/Internal/Logging/SafeGlobalFunctionProxy.php         | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/plugins/woocommerce/src/Internal/Logging/SafeGlobalFunctionProxy.php b/plugins/woocommerce/src/Internal/Logging/SafeGlobalFunctionProxy.php
index bc43f1e3e14..061eef6a0dd 100644
--- a/plugins/woocommerce/src/Internal/Logging/SafeGlobalFunctionProxy.php
+++ b/plugins/woocommerce/src/Internal/Logging/SafeGlobalFunctionProxy.php
@@ -73,8 +73,9 @@ class SafeGlobalFunctionProxy {
 					$file  = $trace[2]['file'] ?? $file;
 					$line  = $trace[2]['line'] ?? $line;
 				}
-                // phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- Exception is thrown here but handled securely elsewhere
-				throw new \ErrorException( $message, 0, $type, $file, $line );
+				$sanitized_message = filter_var( $message, FILTER_SANITIZE_FULL_SPECIAL_CHARS );
+				// phpcs:ignore WordPress.Security.EscapeOutput.ExceptionNotEscaped -- $message sanitised above. we don't want to rely on esc_html since it's not a PHP built-in
+				throw new \ErrorException( $sanitized_message, 0, $type, $file, $line );
 			}
 		);