
update phan-taint-check to 1.2.0
Closed, Resolved · Public

Description

See topic.

Remaining todo: anything alphabetical >= PdfHandler. Legoktm did the rest.

Cite and CategoryTree have issues with the new version.

Event Timeline

Bawolff created this task. May 4 2018, 8:19 PM
Restricted Application added a subscriber: Aklapper. May 4 2018, 8:19 PM

Fails on extension Cite:

./includes/Cite.php:276 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $group.
./includes/Cite.php:277 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $group.
./includes/Cite.php:279 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $group.
./includes/Cite.php:284 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $group.
./includes/Cite.php:285 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $group.
./includes/Cite.php:287 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $group.
./includes/Cite.php:295 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $key.
./includes/Cite.php:296 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $key.
./includes/Cite.php:314 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $key.
./includes/Cite.php:315 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::guardedRef that outputs using tainted argument $key.
./includes/Cite.php:777 SecurityCheck-DoubleEscaped Calling method \Parser::recursiveTagParse() in \Cite::referencesFormat that outputs using tainted argument $parserInput. (Caused by: ./includes/Cite.php +772)
./includes/Cite.php:1050 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::linkRef that outputs using tainted argument $[arg #1]. (Caused by: ./includes/Cite.php +984; ./includes/Cite.php +1131; ./includes/Cite.php +987)
./includes/Cite.php:1050 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::linkRef that outputs using tainted argument $[arg #1]. (Caused by: ./includes/Cite.php +984; ./includes/Cite.php +1131; ./includes/Cite.php +987; ./includes/Cite.php +1131)
./includes/Cite.php:1058 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::linkRef that outputs using tainted argument $[arg #1]. (Caused by: ./includes/Cite.php +984; ./includes/Cite.php +1131; ./includes/Cite.php +987)
./includes/Cite.php:1058 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::linkRef that outputs using tainted argument $[arg #1]. (Caused by: ./includes/Cite.php +984; ./includes/Cite.php +1131; ./includes/Cite.php +987; ./includes/Cite.php +1131)
./includes/Cite.php:1234 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::checkRefsNoReferences that outputs using tainted argument $group. (Caused by: ./includes/Cite.php +1227; ./includes/Cite.php +743; ./includes/Cite.php +1232)
./includes/Cite.php:1235 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::checkRefsNoReferences that outputs using tainted argument $group. (Caused by: ./includes/Cite.php +1227; ./includes/Cite.php +743; ./includes/Cite.php +1232)
./includes/Cite.php:1237 SecurityCheck-DoubleEscaped Calling method \Sanitizer::safeEncodeAttribute() in \Cite::checkRefsNoReferences that outputs using tainted argument $group. (Caused by: ./includes/Cite.php +1227; ./includes/Cite.php +743; ./includes/Cite.php +1232)
./includes/Cite.php:1369 SecurityCheck-DoubleEscaped Calling method \Parser::recursiveTagParse() in \Cite::error that outputs using tainted argument $ret. (Caused by: ./includes/Cite.php +1358)
./includes/Cite.php:1369 SecurityCheck-DoubleEscaped Calling method \Parser::recursiveTagParse() in \Cite::error that outputs using tainted argument $ret. (Caused by: ./includes/Cite.php +1358; ./includes/Cite.php +1369)
./includes/Cite.php:1412 SecurityCheck-DoubleEscaped Calling method \Parser::recursiveTagParse() in \Cite::warning that outputs using tainted argument $ret. (Caused by: ./includes/Cite.php +1400)
./includes/Cite.php:1412 SecurityCheck-DoubleEscaped Calling method \Parser::recursiveTagParse() in \Cite::warning that outputs using tainted argument $ret. (Caused by: ./includes/Cite.php +1400; ./includes/Cite.php +1412)
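The SecurityCheck-DoubleEscaped warnings above are not XSS reports: the checker is saying that a value which it believes was already escaped (here $group and $key, after an earlier normalisation step) is passed through Sanitizer::safeEncodeAttribute() a second time. The stand-alone PHP below is an added illustration of that pattern and is not Cite's or MediaWiki's code; encodeAttribute(), buildRefLink() and buildRefLinkTwice() are hypothetical stand-ins for the Sanitizer call, and the sample input is constructed.

```php
<?php
// Added example: what a "double escaped" attribute looks like, versus a
// single, correct escape. Nothing here is from the Cite extension.

/**
 * Escape raw text for a double-quoted HTML attribute (stand-in for
 * Sanitizer::safeEncodeAttribute()).
 */
function encodeAttribute( string $value ): string {
	return htmlspecialchars( $value, ENT_QUOTES | ENT_HTML5, 'UTF-8' );
}

/**
 * Correct: raw, possibly user-controlled input is escaped exactly once,
 * at the point where it is written into the attribute.
 */
function buildRefLink( string $rawGroup, string $rawKey ): string {
	return '<sup class="reference" data-group="' . encodeAttribute( $rawGroup )
		. '" data-key="' . encodeAttribute( $rawKey ) . '"></sup>';
}

/**
 * The pattern the checker flags: the caller already ran the group name
 * through encodeAttribute() (e.g. while normalising it), and it is escaped
 * again when the attribute is built. This is a correctness bug, not an
 * injection: a `"` in the group now renders as the literal text &quot;.
 */
function buildRefLinkTwice( string $alreadyEscapedGroup ): string {
	return '<sup class="reference" data-group="'
		. encodeAttribute( $alreadyEscapedGroup ) . '"></sup>';
}

/**
 * Returns [single-escaped attribute, double-escaped attribute,
 * single round-trips to the raw value, double round-trips to the raw value].
 */
function compareEscaping( string $raw ): array {
	$once  = encodeAttribute( $raw );          // what buildRefLink() emits
	$twice = encodeAttribute( $once );         // what buildRefLinkTwice() emits
	return [
		$once,
		$twice,
		html_entity_decode( $once, ENT_QUOTES | ENT_HTML5, 'UTF-8' ) === $raw,
		html_entity_decode( $twice, ENT_QUOTES | ENT_HTML5, 'UTF-8' ) === $raw,
	];
}

// Constructed sample input containing both characters the attribute escape
// must rewrite.
$userGroup = 'note "A" & B';

[ $once, $twice, $onceOk, $twiceOk ] = compareEscaping( $userGroup );

echo buildRefLink( $userGroup, 'k1' ), "\n";
// <sup class="reference" data-group="note &quot;A&quot; &amp; B" data-key="k1"></sup>
echo buildRefLinkTwice( $once ), "\n";
// <sup class="reference" data-group="note &amp;quot;A&amp;quot; &amp;amp; B"></sup>

echo 'single escape round-trips: ', $onceOk ? 'yes' : 'no', "\n";   // yes
echo 'double escape round-trips: ', $twiceOk ? 'yes' : 'no', "\n";  // no
```

Whether a given report is a true positive depends on where the earlier escape actually happens; if the value genuinely arrives raw at the Sanitizer call, the report is a false positive and the standard phan docblock suppression (@suppress SecurityCheck-DoubleEscaped on the method) is the usual way to silence it while keeping the check enabled elsewhere.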

Change 431007 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/CiteThisPage@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431007

Change 431008 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/CodeEditor@master] Add phan-taint-check as version 1.2.0

https://gerrit.wikimedia.org/r/431008

Change 431009 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/ConfirmEdit@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431009

Change 431010 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/Gadgets@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431010

Change 431011 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/ImageMap@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431011

CategoryTree also has some potential false positives from the new version:

./includes/CategoryTreeHooks.php:113 SecurityCheck-XSS Outputting user controlled HTML from Parser function hook \CategoryTreeHooks::parserFunction (Caused by: ./includes/CategoryTreeHooks.php +112)
./includes/CategoryTreeHooks.php:168 SecurityCheck-XSS Outputting user controlled HTML from Parser tag hook \CategoryTreeHooks::parserHook (Caused by: ./includes/CategoryTree.php +386; ./includes/CategoryTreeHooks.php +144; ./includes/CategoryTreeHooks.php +155)
./includes/CategoryTreePage.php:119 SecurityCheck-XSS Calling method \OutputPage::addHTML() in \CategoryTreePage::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CategoryTree.php +556)

Change 431015 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/InputBox@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431015

Change 431016 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/Interwiki@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431016

Change 431018 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/LocalisationUpdate@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431018

Change 431007 merged by jenkins-bot:
[mediawiki/extensions/CiteThisPage@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431007

Change 431022 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/MultimediaViewer@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431022

Change 431009 merged by jenkins-bot:
[mediawiki/extensions/ConfirmEdit@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431009

Change 431010 merged by jenkins-bot:
[mediawiki/extensions/Gadgets@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431010

Change 431011 merged by jenkins-bot:
[mediawiki/extensions/ImageMap@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431011

Change 431023 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/Nuke@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431023

Change 431026 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/OATHAuth@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431026

Bawolff updated the task description. May 4 2018, 9:21 PM

Change 431008 merged by jenkins-bot:
[mediawiki/extensions/CodeEditor@master] Add phan-taint-check as version 1.2.0

https://gerrit.wikimedia.org/r/431008

Change 431016 merged by jenkins-bot:
[mediawiki/extensions/Interwiki@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431016

Change 431018 merged by jenkins-bot:
[mediawiki/extensions/LocalisationUpdate@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431018

Change 431023 merged by jenkins-bot:
[mediawiki/extensions/Nuke@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431023

Change 431026 merged by jenkins-bot:
[mediawiki/extensions/OATHAuth@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431026

Change 431015 merged by jenkins-bot:
[mediawiki/extensions/InputBox@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431015

Change 431069 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/OATHAuth@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431069

Change 431070 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/ConfirmEdit@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431070

Change 431071 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/Nuke@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431071

Change 431072 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/LocalisationUpdate@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431072

Change 431073 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/Interwiki@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431073

Change 431074 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/ImageMap@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431074

Change 431075 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/Gadgets@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431075

Change 431076 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/CodeEditor@REL1_31] Add phan-taint-check as version 1.2.0

https://gerrit.wikimedia.org/r/431076

Change 431077 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/CiteThisPage@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431077

Change 431079 had a related patch set uploaded (by Legoktm; owner: Brian Wolff):
[mediawiki/extensions/InputBox@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431079

Change 431069 merged by jenkins-bot:
[mediawiki/extensions/OATHAuth@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431069

Change 431070 merged by jenkins-bot:
[mediawiki/extensions/ConfirmEdit@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431070

Change 431071 merged by jenkins-bot:
[mediawiki/extensions/Nuke@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431071

Change 431072 merged by jenkins-bot:
[mediawiki/extensions/LocalisationUpdate@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431072

Change 431074 merged by jenkins-bot:
[mediawiki/extensions/ImageMap@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431074

Change 431075 merged by jenkins-bot:
[mediawiki/extensions/Gadgets@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431075

Change 431073 merged by jenkins-bot:
[mediawiki/extensions/Interwiki@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431073

Change 431077 merged by jenkins-bot:
[mediawiki/extensions/CiteThisPage@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431077

Change 431076 merged by jenkins-bot:
[mediawiki/extensions/CodeEditor@REL1_31] Add phan-taint-check as version 1.2.0

https://gerrit.wikimedia.org/r/431076

Change 431079 merged by jenkins-bot:
[mediawiki/extensions/InputBox@REL1_31] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431079

Change 431022 merged by Umherirrender:
[mediawiki/extensions/MultimediaViewer@master] Bump phan-taint-check 1.1.0->1.2.0

https://gerrit.wikimedia.org/r/431022

Bawolff updated the task description. May 8 2018, 1:10 AM
Umherirrender closed this task as Resolved. May 18 2018, 8:05 PM
Umherirrender added a subscriber: Umherirrender.

Created subtasks for easier tracking and to tag the tasks with the correct extension:

Vvjjkkii renamed this task from update phan-taint-check to 1.2.0 to ykdaaaaaaa. Jul 1 2018, 1:11 AM
Vvjjkkii reopened this task as Open.
Vvjjkkii triaged this task as High priority.
Vvjjkkii updated the task description.
Vvjjkkii removed subscribers: gerritbot, Aklapper.
CommunityTechBot renamed this task from ykdaaaaaaa to update phan-taint-check to 1.2.0. Jul 2 2018, 4:27 PM
CommunityTechBot closed this task as Resolved.
CommunityTechBot claimed this task.
CommunityTechBot raised the priority of this task from High to Needs Triage.
CommunityTechBot updated the task description.
CommunityTechBot added subscribers: gerritbot, Aklapper.
Legoktm removed CommunityTechBot as the assignee of this task. Aug 2 2018, 10:05 AM
Legoktm added a subscriber: CommunityTechBot.
sbassett triaged this task as Normal priority. Tue, Oct 15, 7:09 PM
sbassett removed a project: Patch-For-Review.