From 4156e03c8cf31331d3c8b7a2ad53d11f6f87c5d8 Mon Sep 17 00:00:00 2001
From: Daimona Eaytoy <daimona.wiki@gmail.com>
Date: Mon, 8 Feb 2021 13:34:18 +0100
Subject: [PATCH] SECURITY: Skip deleted RCs in /test if we're only showing
matches
Otherwise we'd be revealing whether or not the filter matches the edit. If
we're showing all edits regardless of whether they match the filter, we
can keep showing the row: it will be redacted (and the filter result
hidden) by AbuseFilterChangesList.
Bug: T223654
Change-Id: I3f7dbd8b873d411e37c8c3aac2339bf5ec36907d
---
includes/View/AbuseFilterViewTestBatch.php | 26 ++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/includes/View/AbuseFilterViewTestBatch.php b/includes/View/AbuseFilterViewTestBatch.php
index 487a8ec0..1e3965e1 100644
--- a/includes/View/AbuseFilterViewTestBatch.php
+++ b/includes/View/AbuseFilterViewTestBatch.php
@@ -5,6 +5,8 @@ namespace MediaWiki\Extension\AbuseFilter\View;
use ActorMigration;
use HTMLForm;
use IContextSource;
+use LogEventsList;
+use LogPage;
use MediaWiki\Extension\AbuseFilter\AbuseFilterChangesList;
use MediaWiki\Extension\AbuseFilter\AbuseFilterPermissionManager;
use MediaWiki\Extension\AbuseFilter\EditBox\EditBoxBuilderFactory;
@@ -12,6 +14,7 @@ use MediaWiki\Extension\AbuseFilter\EditBox\EditBoxField;
use MediaWiki\Extension\AbuseFilter\Parser\ParserFactory as AfParserFactory;
use MediaWiki\Extension\AbuseFilter\VariableGenerator\VariableGeneratorFactory;
use MediaWiki\Linker\LinkRenderer;
+use MediaWiki\Revision\RevisionRecord;
use RecentChange;
use Title;
use User;
@@ -275,6 +278,29 @@ class AbuseFilterViewTestBatch extends AbuseFilterView {
$parser->toggleConditionLimit( false );
foreach ( $res as $row ) {
$rc = RecentChange::newFromRow( $row );
+ if ( !$this->mShowNegative ) {
+ $type = (int)$rc->getAttribute( 'rc_type' );
+ $deletedValue = $rc->getAttribute( 'rc_deleted' );
+ if (
+ (
+ $type === RC_LOG &&
+ !LogEventsList::userCanBitfield(
+ $deletedValue,
+ LogPage::SUPPRESSED_ACTION | LogPage::SUPPRESSED_USER,
+ $contextUser
+ )
+ ) || (
+ $type !== RC_LOG &&
+ !RevisionRecord::userCanBitfield( $deletedValue, RevisionRecord::SUPPRESSED_ALL, $contextUser )
+ )
+ ) {
+ // If the RC is deleted, the user can't see it, and we're only showing matches,
+ // always skip this row. If mShowNegative is true, we can still show the row
+ // because we won't tell whether it matches the given filter.
+ continue;
+ }
+ }
+
$varGenerator = $this->varGeneratorFactory->newRCGenerator( $rc, $contextUser );
$vars = $varGenerator->getVars();
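Review bot: The log branch of the new guard checks only `LogPage::SUPPRESSED_ACTION | LogPage::SUPPRESSED_USER`, while the non-log branch uses `RevisionRecord::SUPPRESSED_ALL`, which also covers the comment bit; if `LogPage::DELETED_COMMENT` is not implied by those two constants (verify against LogPage), a log entry whose comment was revision-deleted would still have its variables generated and its match result shown, even though a filter can test `summary`. Consider `LogPage::SUPPRESSED_ACTION | LogPage::SUPPRESSED_USER | LogPage::DELETED_COMMENT` so both branches hide any deleted field the user cannot see. Separately, `rc_deleted` comes back from `getAttribute()` untyped and is passed straight to the bitfield checks whereas `rc_type` is cast, so `$deletedValue = (int)$rc->getAttribute( 'rc_deleted' );` keeps the two consistent and avoids handing a null to the bitfield helpers. The enclosing foreach body continues past the end of the hunk.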
T223654: AbuseFilterCheckMatch API reveals suppressed edits and usernames (CVE-2021-31547)