Can someone please look into this, or at least confirm the bug? Imo this is important, because someone could just delete all transcodes off of commons and no one could stop them or revert their action.

Eek, this seems not good. :)

This sounds like a bug that users could abuse and cause large-scale disruption, so I'm (boldly) moving it to security. @brion, @McZusatz: Feel free to revert this if I'm wrong/being stupid.

CCing Aaron as this seems to be caused by one of his master-DB cleanup patches.

Revert patch in gerrit: https://gerrit.wikimedia.org/r/218030

Basic problem seems to be that TMH wants rows in the 'transcode' table for anything that it might have to deal with in the future; the breaking change moved that table insertion from the time of the job queue insert to the inside of the actual transcode job.

Result seemed to be that the transcode being reset disappears from the transcode table, and the job never actually gets run, and the list of transcodes never gets updated.

Followup patch to make aaron happy by re-fixing the master/slave behavior: https://gerrit.wikimedia.org/r/#/c/218099/ :D

So, the commit introducing this bug has been reverted and merged but what happens to all the transcodes that were reset in the meantime and are now gone? (You can not request a fresh transcode because there is no link to do so.)

Also, I am wondering to what extend a unit test could avoid bugs in this TMH-area to pop up.

In T100211#1406858, @McZusatz wrote:

So, the commit introducing this bug has been reverted and merged but what happens to all the transcodes that were reset in the meantime and are now gone? (You can not request a fresh transcode because there is no link to do so.)

The API reset method works, but there's indeed no link yet; T103115 will have a user-friendly solution for individual resets, needs a little more work.

For the moment here's a horrid workaround:

• open debug inspector in your browser
• find the 'reset' link for another transcode
• edit its data attributes to list the desired transcode (eg '360p.webm' or '480p.ogv')
• now, click that link and hit 'ok' in the dialog

I plan to do a batch bot run resetting all the missing transcodes on the site but haven't gotten to it yet, will file a task so we don't forget.

Also, I am wondering to what extend a unit test could avoid bugs in this TMH-area to pop up.

Yeah that'd help a lot. :)

In T100211#1406930, @brion wrote:

In T100211#1406858, @McZusatz wrote:

Also, I am wondering to what extend a unit test could avoid bugs in this TMH-area to pop up.

Yeah that'd help a lot. :)

I don't do php but if you point me to the source code file where to add tests for TMH, I may have a look and add some.

This is a deployed, but not bundled extension. Does it actually get a release or do we just backport to REL1_25 and then open this task?

Based on https://wikiapiary.com/wiki/Extension:TimedMediaHandler, it seems popular enough I would mention it in the release notes. But severity is low enough I'm fine either way.

I was wondering if it was a better idea to just announce these bugs relating to non-bundled extensions in a batch. I was looking at this, T97083 and T88964.

Works for me

CVE-2015-6735 was assigned for this.