There is an experimental security checker script that is currently
being worked on. It is getting confused by some of the SQL paging queries
in various maitenance scripts.
In order to help the script out, cast the $from, $to, $start and $end type
variables to ints before putting them into the SQL snippet.
For example, if you have
$res = $db->select( 'ipblocks', [ 'ipb_user' ], [ "ipb_user >= $from", "ipb_user <= $to", ], __METHOD__, ... );
where $from and $to are integers that denote what part we are currently on, replace
them with
$res = $db->select( 'ipblocks', [ 'ipb_user' ], [ "ipb_user >= " . (int)$from, "ipb_user <= " . (int)$to, ], __METHOD__, ... );
Similarly for BETWEEN conditions.
$cond = "page_id BETWEEN $blockStart AND $blockEnd";
Needs to be changed to
$cond = "page_id BETWEEN " . (int)$blockStart . " AND " . (int)$blockEnd;
You should of course only do this for the numeric range conditions. Other things in the query should not have this done to them.
Things that need replacing:
- maintenance/cleanupBlocks.php:54
- maintenance/cleanupBlocks.php:126
- maintenance/migrateUserGroup.php:63
- maintenance/migrateUserGroup.php:75
- maintenance/migrateUserGroup.php:87
- maintenance/orphans.php:202 (Specificly, $row->page_id needs to be cast)
- maintenance/populateBacklinkNamespace.php:70
- maintenance/populateIpChanges.php:87
- maintenance/populateLogSearch.php:79
- maintenance/populateLogUsertext.php:67
- maintenance/populateRecentChangesSource.php:63
- maintenance/populateRevisionSha1.php:96
- maintenance/rebuildFileCache.php:107
- maintenance/recountCategories.php:159 (For this one, cast $row->count, but only in the WHERE condition, not in the SET clause)
- maintenance/updateRestrictions.php:62