Page MenuHomePhabricator
Files F34123061

02-REL1_35-T275669.patch
sbassett (Scott Bassett)
Actions

Authored By
sbassett
Feb 25 2021, 10:30 PM
Size
1 KB
Referenced Files
None
Subscribers
None

02-REL1_35-T275669.patch
View Options

From 975a4a507445d8e1fef5cfcffd34f8d2bbe7ccd9 Mon Sep 17 00:00:00 2001
From: sbassett <sbassett@wikimedia.org>
Date: Thu, 25 Feb 2021 16:16:31 -0600
Subject: [PATCH] SECURITY: Trim target before storing it to cu_log
Trailing spaces are capable of inconsistencies, and increase
the risk of a bug/vulnerability happening.
Bug: T275669
Change-Id: I28181ae166925784e8b6ee0ce5c418c3544a71a6
---
includes/specials/SpecialCheckUser.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/specials/SpecialCheckUser.php b/includes/specials/SpecialCheckUser.php
index f3076c3..1c1297e 100644
--- a/includes/specials/SpecialCheckUser.php
+++ b/includes/specials/SpecialCheckUser.php
@@ -2067,7 +2067,7 @@ class SpecialCheckUser extends SpecialPage {
'cul_reason' => $reason,
'cul_type' => $logType,
'cul_target_id' => $targetID,
- 'cul_target_text' => $target,
+ 'cul_target_text' => trim( $target ),
'cul_target_hex' => $targetHex,
'cul_range_start' => $rangeStart,
'cul_range_end' => $rangeEnd
--
2.28.0

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
8901769
Default Alt Text
02-REL1_35-T275669.patch (1 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL