Page MenuHomePhabricator
Create Task
Maniphest T202371

Add phan-taint-check-plugin to TimedMediaHandler extension
Closed, ResolvedPublic
Actions

Description

Would be nice to add phan-taint-check-plugin to TimedMediaHandler extensions

<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
  <file name="./SpecialOrphanedTimedText.php">
    <error line="253" severity="warning" message="Calling method \htmlspecialchars() in \SpecialOrphanedTimedText::formatResult that outputs using tainted argument $text. (Caused by: ./SpecialOrphanedTimedText.php +252)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./SpecialTimedMediaHandler.php">
    <error line="101" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialTimedMediaHandler::renderState that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./SpecialTimedMediaHandler.php +151; ./SpecialTimedMediaHandler.php +142; ./SpecialTimedMediaHandler.php +150)" source="SecurityCheck-XSS"/>
    <error line="101" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialTimedMediaHandler::renderState that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./SpecialTimedMediaHandler.php +151; ./SpecialTimedMediaHandler.php +142; ./SpecialTimedMediaHandler.php +150; ./SpecialTimedMediaHandler.php +142; ./SpecialTimedMediaHandler.php +150)" source="SecurityCheck-XSS"/>
    <error line="142" severity="warning" message="Calling method \Linker::link() in \SpecialTimedMediaHandler::getTranscodesTable that outputs using tainted argument $[arg #2]. (Caused by: ../../includes/Linker.php +113) (Caused by: ./SpecialTimedMediaHandler.php +140)" source="SecurityCheck-XSS"/>
    <error line="146" severity="warning" message="Calling method \Linker::link() in \SpecialTimedMediaHandler::getTranscodesTable that outputs using tainted argument $[arg #2]. (Caused by: ../../includes/Linker.php +113) (Caused by: ./SpecialTimedMediaHandler.php +140)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./TimedMediaTransformOutput.php">
    <error line="194" severity="warning" message="Calling method \Xml::tags() in \TimedMediaTransformOutput::getImagePopUp that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Xml::tags)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./WebVideoTranscode/WebVideoTranscodeJob.php">
    <error line="197" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &amp;lt;- 136)" source="SecurityCheckMulti"/>
    <error line="204" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &amp;lt;- 136)" source="SecurityCheckMulti"/>
    <error line="206" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &amp;lt;- 136)" source="SecurityCheckMulti"/>
    <error line="209" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &amp;lt;- 136)" source="SecurityCheckMulti"/>
    <error line="718" severity="warning" message="Calling method \WebVideoTranscodeJob::monitorTranscode in \WebVideoTranscodeJob::runShellExec that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +854; ./WebVideoTranscode/WebVideoTranscodeJob.php +801; ./WebVideoTranscode/WebVideoTranscodeJob.php +827; ./WebVideoTranscode/WebVideoTranscodeJob.php +852)" source="SecurityCheck-XSS"/>
    <error line="796" severity="warning" message="Calling method \WebVideoTranscodeJob::output() in \WebVideoTranscodeJob::monitorTranscode that outputs using tainted argument $[arg #1]. (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +43) (Caused by: ../../languages/Language.php +4855; ../../languages/Language.php +4855)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./handlers/ID3Handler/ID3Handler.php">
    <error line="32" severity="error" message="Calling method \getID3::analyze in \ID3Handler::getID3 that is always unsafe  (Caused by: ../../vendor/james-heinrich/getid3/getid3/getid3.php +368; ../../vendor/james-heinrich/getid3/getid3/getid3.php +511)" source="SecurityCheck-ShellInjection"/>
  </file>
</checkstyle>

TimedMediaHandler is using shell which seems to make this complicated

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Fix phan-taint-check warnings, and add it to extra of composer.jsonmediawiki/extensions/TimedMediaHandlermaster+7 -2
Enable seccheck for TimedMediaHandlerintegration/configmaster+1 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

Umherirrender created this task.Aug 21 2018, 10:13 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 21 2018, 10:13 AM
Umherirrender moved this task from Backlog to Wikimedia deployed on the phan-taint-check-plugin board.Aug 21 2018, 10:15 AM
Umherirrender updated the task description. (Show Details)Aug 21 2018, 11:08 AM
Umherirrender added a parent task: T201219: Enable phan-taint-check-plugin on all Wikimedia-deployed repositories after getting it to pass.Aug 21 2018, 12:40 PM
Umherirrender added a comment.Aug 22 2018, 8:23 PM

Issue in SpecialOrphanedTimedText.php is handled in T202371

gerritbot subscribed.Sep 8 2018, 12:52 AM

Change 458945 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/TimedMediaHandler@master] Fix phan-taint-check warnings, and add it to extra of composer.json

https://gerrit.wikimedia.org/r/458945

gerritbot added a project: Patch-For-Review.Sep 8 2018, 12:52 AM
gerritbot added a comment.Sep 8 2018, 1:36 AM

Change 458957 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[integration/config@master] Enable seccheck for TimedMediaHandler

https://gerrit.wikimedia.org/r/458957

gerritbot added a comment.Sep 8 2018, 1:50 AM

Change 458957 merged by jenkins-bot:
[integration/config@master] Enable seccheck for TimedMediaHandler

https://gerrit.wikimedia.org/r/458957

gerritbot added a comment.Sep 8 2018, 2:10 AM

Change 458945 merged by jenkins-bot:
[mediawiki/extensions/TimedMediaHandler@master] Fix phan-taint-check warnings, and add it to extra of composer.json

https://gerrit.wikimedia.org/r/458945

ReleaseTaggerBot added a project: MW-1.32-notes (WMF-deploy-2018-09-18 (1.32.0-wmf.22)).Sep 8 2018, 3:00 AM
Legoktm closed this task as Resolved.Sep 8 2018, 3:43 AM
Legoktm assigned this task to Bawolff.
sbassett moved this task from Wikimedia deployed to Done on the phan-taint-check-plugin board.Oct 15 2019, 6:54 PM
Maintenance_bot removed a project: Patch-For-Review.Oct 15 2019, 7:15 PM
sbassett triaged this task as Medium priority.Oct 15 2019, 7:32 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits