Authored By
sbassett
Apr 21 2021, 7:44 PM

T279090-PS5.patch

From 6e138db219ed63c692334e0f0489e5000fd7e77b Mon Sep 17 00:00:00 2001
From: RhinosF1 <rhinosf1@gmail.com>
Date: Wed, 21 Apr 2021 14:16:18 -0500
Subject: [PATCH] SECURITY: Check permissions before job execution
Bug: T279090
---
src/Job.php | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/Job.php b/src/Job.php
index 68a7e73..478c3df 100644
--- a/src/Job.php
+++ b/src/Job.php
@@ -50,6 +50,16 @@ class Job extends JobParent {
* @return bool success
*/
function run() {
+ // T279090
+ $current_user = User::newFromId( $this->params['user_id'] );
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userCan(
+ 'replacetext', $currentuser, $this->title
+ ) ) {
+ $this->error('replacetext: permission no longer valid');
+ return true; // T279090#6978214
+ }
+
if ( isset( $this->params['session'] ) ) {
$callback = RequestContext::importScopedSession( $this->params['session'] );
$this->addTeardownCallback( function () use ( &$callback ) {
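Review bot: The permission check passes `$currentuser` to `userCan()`, but the line above assigns the user to `$current_user`, so the check receives an undefined variable (null) rather than the user who queued the job. Depending on how `userCan()` is typed, this will either raise a type error on every run or evaluate permissions against no user at all; either way the check does not enforce what the commit title promises. Use the same name in both places, e.g. `'replacetext', $current_user, $this->title`. `$this->params['user_id']` is also read without an `isset()` guard, so jobs queued before this change (or without that parameter) would presumably be checked as an anonymous user; confirm that failing closed is the intended result there. run()'s body continues outside the hunk.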
--
2.30.2
