
CategoryTree extension does not pass phan-taint-check 1.2.0
Closed, Resolved (Public)

Description

CategoryTree also has some potentially false positives from the new version:

./includes/CategoryTreeHooks.php:113 SecurityCheck-XSS Outputting user controlled HTML from Parser function hook \CategoryTreeHooks::parserFunction (Caused by: ./includes/CategoryTreeHooks.php +112)
./includes/CategoryTreeHooks.php:168 SecurityCheck-XSS Outputting user controlled HTML from Parser tag hook \CategoryTreeHooks::parserHook (Caused by: ./includes/CategoryTree.php +386; ./includes/CategoryTreeHooks.php +144; ./includes/CategoryTreeHooks.php +155)
./includes/CategoryTreePage.php:119 SecurityCheck-XSS Calling method \OutputPage::addHTML() in \CategoryTreePage::execute that outputs using tainted argument $[arg #1]. (Caused by: ./includes/CategoryTree.php +556)
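
The first two warnings are about HTML returned from a parser function or tag hook that carries user-controlled content; the third is the same class of sink (OutputPage::addHTML()) fed from a different call chain. As an added illustration that is not code from the CategoryTree extension and not the contents of change 444019, the following stand-alone PHP contrasts the pattern phan-taint-check reports (the raw `->text()` of a message concatenated into the hook's HTML return) with the escaped form. `MiniMessage` and `wfMessageStandIn()` are stand-ins for MediaWiki's `Message` class and `wfMessage()` so the file runs with plain `php`; the hook bodies, the message key and the sample attribute value are all constructed here.

```php
<?php
/**
 * Added illustration (not the CategoryTree extension's code and not the
 * contents of change 444019). It contrasts the pattern phan-taint-check's
 * SecurityCheck-XSS rule reports for a parser tag hook with the escaped form.
 *
 * MiniMessage stands in for MediaWiki's Message class so the file runs with
 * plain `php`: text() returns the message with parameters substituted and
 * nothing escaped, escaped() HTML-escapes that result. That mirrors the
 * contract of the real API; the hook bodies, message key and sample input
 * are constructed for this example.
 */

final class MiniMessage {
    private string $template;
    /** @var string[] */
    private array $params;

    public function __construct( string $template, array $params ) {
        $this->template = $template;
        $this->params = $params;
    }

    /** Raw text: parameters substituted, nothing escaped (unsafe to emit as HTML). */
    public function text(): string {
        $out = $this->template;
        // Simplified $1, $2, ... substitution; enough for single-digit parameter counts.
        foreach ( $this->params as $i => $p ) {
            $out = str_replace( '$' . ( $i + 1 ), $p, $out );
        }
        return $out;
    }

    /** HTML-escaped form of text(); safe to concatenate into HTML. */
    public function escaped(): string {
        return htmlspecialchars( $this->text(), ENT_QUOTES, 'UTF-8' );
    }
}

/** Stand-in for wfMessage(): one hard-coded English message, key assumed. */
function wfMessageStandIn( string $key, string ...$params ): MiniMessage {
    $messages = [
        'categorytree-not-found' => 'Category $1 not found',
    ];
    return new MiniMessage( $messages[$key], $params );
}

/**
 * The shape the taint checker flags: a tag hook's return value is emitted as
 * HTML, and here it contains raw message text built from a tag attribute that
 * any wikitext author controls.
 */
function parserHookUnsafe( string $input, array $args ): string {
    $title = $args['title'] ?? $input;
    return '<div class="CategoryTreeTag">'
        . wfMessageStandIn( 'categorytree-not-found', $title )->text()
        . '</div>';
}

/** Escaped form: the user-controlled parameter reaches the page HTML-escaped. */
function parserHookSafe( string $input, array $args ): string {
    $title = $args['title'] ?? $input;
    return '<div class="CategoryTreeTag">'
        . wfMessageStandIn( 'categorytree-not-found', $title )->escaped()
        . '</div>';
}

// Constructed sample input: a tag attribute carrying a script payload.
$attacker = [ 'title' => '<script>alert(1)</script>' ];
echo parserHookUnsafe( '', $attacker ), "\n";
echo parserHookSafe( '', $attacker ), "\n";
```

Run with `php`: the first line echoes the `<script>` element intact inside the div, the second echoes it as `&lt;script&gt;alert(1)&lt;/script&gt;`. In a real extension the choice is between `Message::escaped()` for plain-text messages and `Message::parse()` for messages that intentionally carry markup; passing `->text()` as the text argument of `Html::element()`, which escapes it, is also fine. What the checker objects to is the raw `->text()` result being concatenated straight into HTML, which is what "raw html messages" in the patch title refers to.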

Event Timeline

Vvjjkkii renamed this task from CategoryTree extension does not pass phan-taint-check 1.2.0 to dqcaaaaaaa. Jul 1 2018, 1:09 AM
Vvjjkkii raised the priority of this task from Medium to High.
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
CommunityTechBot renamed this task from dqcaaaaaaa to CategoryTree extension does not pass phan-taint-check 1.2.0. Jul 2 2018, 4:53 AM
CommunityTechBot lowered the priority of this task from High to Medium.
CommunityTechBot updated the task description. (Show Details)
CommunityTechBot added a subscriber: Aklapper.

Change 444017 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/tools/phan/SecurityCheckPlugin@master] Add code to force type for MW globals

https://gerrit.wikimedia.org/r/444017

Change 444019 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/CategoryTree@master] Fix some raw html messages

https://gerrit.wikimedia.org/r/444019

This patch + the phan patch make CategoryTree pass

Change 444017 merged by Brian Wolff:
[mediawiki/tools/phan/SecurityCheckPlugin@master] Add code to force type for MW globals

https://gerrit.wikimedia.org/r/444017

Change 444019 merged by jenkins-bot:
[mediawiki/extensions/CategoryTree@master] Fix some raw html messages

https://gerrit.wikimedia.org/r/444019

Change 490510 had a related patch set uploaded (by Krinkle; owner: Brian Wolff):
[mediawiki/extensions/CategoryTree@REL1_31] Fix some raw html messages

https://gerrit.wikimedia.org/r/490510

Change 490510 merged by jenkins-bot:
[mediawiki/extensions/CategoryTree@REL1_31] Fix some raw html messages

https://gerrit.wikimedia.org/r/490510