
Add phan-taint-check-plugin to TimedMediaHandler extension
Closed, Resolved (Public)

Description

Would be nice to add phan-taint-check-plugin to the TimedMediaHandler extension.

<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
  <file name="./SpecialOrphanedTimedText.php">
    <error line="253" severity="warning" message="Calling method \htmlspecialchars() in \SpecialOrphanedTimedText::formatResult that outputs using tainted argument $text. (Caused by: ./SpecialOrphanedTimedText.php +252)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./SpecialTimedMediaHandler.php">
    <error line="101" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialTimedMediaHandler::renderState that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./SpecialTimedMediaHandler.php +151; ./SpecialTimedMediaHandler.php +142; ./SpecialTimedMediaHandler.php +150)" source="SecurityCheck-XSS"/>
    <error line="101" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialTimedMediaHandler::renderState that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./SpecialTimedMediaHandler.php +151; ./SpecialTimedMediaHandler.php +142; ./SpecialTimedMediaHandler.php +150; ./SpecialTimedMediaHandler.php +142; ./SpecialTimedMediaHandler.php +150)" source="SecurityCheck-XSS"/>
    <error line="142" severity="warning" message="Calling method \Linker::link() in \SpecialTimedMediaHandler::getTranscodesTable that outputs using tainted argument $[arg #2]. (Caused by: ../../includes/Linker.php +113) (Caused by: ./SpecialTimedMediaHandler.php +140)" source="SecurityCheck-XSS"/>
    <error line="146" severity="warning" message="Calling method \Linker::link() in \SpecialTimedMediaHandler::getTranscodesTable that outputs using tainted argument $[arg #2]. (Caused by: ../../includes/Linker.php +113) (Caused by: ./SpecialTimedMediaHandler.php +140)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./TimedMediaTransformOutput.php">
    <error line="194" severity="warning" message="Calling method \Xml::tags() in \TimedMediaTransformOutput::getImagePopUp that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Xml::tags)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./WebVideoTranscode/WebVideoTranscodeJob.php">
    <error line="197" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &lt;- 136)" source="SecurityCheckMulti"/>
    <error line="204" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &lt;- 136)" source="SecurityCheckMulti"/>
    <error line="206" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &lt;- 136)" source="SecurityCheckMulti"/>
    <error line="209" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +426; ./WebVideoTranscode/WebVideoTranscodeJob.php +419; ./WebVideoTranscode/WebVideoTranscodeJob.php +423; ./WebVideoTranscode/WebVideoTranscodeJob.php +423) (536914874 &lt;- 136)" source="SecurityCheckMulti"/>
    <error line="718" severity="warning" message="Calling method \WebVideoTranscodeJob::monitorTranscode in \WebVideoTranscodeJob::runShellExec that is always unsafe  (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +854; ./WebVideoTranscode/WebVideoTranscodeJob.php +801; ./WebVideoTranscode/WebVideoTranscodeJob.php +827; ./WebVideoTranscode/WebVideoTranscodeJob.php +852)" source="SecurityCheck-XSS"/>
    <error line="796" severity="warning" message="Calling method \WebVideoTranscodeJob::output() in \WebVideoTranscodeJob::monitorTranscode that outputs using tainted argument $[arg #1]. (Caused by: ./WebVideoTranscode/WebVideoTranscodeJob.php +43) (Caused by: ../../languages/Language.php +4855; ../../languages/Language.php +4855)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./handlers/ID3Handler/ID3Handler.php">
    <error line="32" severity="error" message="Calling method \getID3::analyze in \ID3Handler::getID3 that is always unsafe  (Caused by: ../../vendor/james-heinrich/getid3/getid3/getid3.php +368; ../../vendor/james-heinrich/getid3/getid3/getid3.php +511)" source="SecurityCheck-ShellInjection"/>
  </file>
</checkstyle>

TimedMediaHandler uses the shell, which seems to make this complicated.
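To make use of output like the checkstyle report above in CI, something has to read it and decide whether the build passes. The following is an added example, not code from TimedMediaHandler, integration/config or phan-taint-check-plugin itself: a small PHP gate that first checks the extension's composer.json declares the plugin under "extra" (the key name "phan-taint-check-plugin" and the version "1.5.0" are assumptions), then parses the plugin's checkstyle XML (a trimmed copy of the report quoted above) and fails on every error-severity finding, plus any warning whose taint class the caller treats as blocking.

```php
<?php
/**
 * Added example (not TimedMediaHandler / integration/config / plugin code):
 * a CI gate for phan-taint-check ("seccheck") checkstyle output.
 * Assumptions: the composer.json key name "extra.phan-taint-check-plugin"
 * and the version string below are illustrative; the XML is a trimmed copy
 * of the report from this task, with the "Caused by" traces dropped.
 */
declare( strict_types = 1 );

// Constructed composer.json fragment; key name and version are assumptions.
const COMPOSER_JSON = <<<'JSON'
{
    "extra": {
        "phan-taint-check-plugin": "1.5.0"
    }
}
JSON;

// Trimmed checkstyle output from the task description (constructed sample).
const CHECKSTYLE_XML = <<<'XML'
<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
  <file name="./SpecialTimedMediaHandler.php">
    <error line="142" severity="warning" message="Calling method \Linker::link() in \SpecialTimedMediaHandler::getTranscodesTable that outputs using tainted argument $[arg #2]." source="SecurityCheck-XSS"/>
  </file>
  <file name="./TimedMediaTransformOutput.php">
    <error line="194" severity="warning" message="Calling method \Xml::tags() in \TimedMediaTransformOutput::getImagePopUp that outputs using tainted argument $[arg #2]." source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./WebVideoTranscode/WebVideoTranscodeJob.php">
    <error line="197" severity="error" message="Calling method \WebVideoTranscodeJob::ffmpegEncode in \WebVideoTranscodeJob::run that is always unsafe" source="SecurityCheckMulti"/>
  </file>
  <file name="./handlers/ID3Handler/ID3Handler.php">
    <error line="32" severity="error" message="Calling method \getID3::analyze in \ID3Handler::getID3 that is always unsafe" source="SecurityCheck-ShellInjection"/>
  </file>
</checkstyle>
XML;

/** Returns the declared plugin version, or null when the extension has not opted in. */
function declaredTaintCheckVersion( string $composerJson ): ?string {
    $data = json_decode( $composerJson, true, 512, JSON_THROW_ON_ERROR );
    $version = $data['extra']['phan-taint-check-plugin'] ?? null;
    return is_string( $version ) ? $version : null;
}

/** Flattens checkstyle <file>/<error> elements into one row per finding. */
function parseCheckstyle( string $xml ): array {
    $doc = new SimpleXMLElement( $xml ); // throws on malformed XML
    $findings = [];
    foreach ( $doc->file as $file ) {
        foreach ( $file->error as $error ) {
            $findings[] = [
                'file' => (string)$file['name'],
                'line' => (int)$error['line'],
                'severity' => (string)$error['severity'],
                'source' => (string)$error['source'],   // taint class
                'message' => (string)$error['message'],
            ];
        }
    }
    return $findings;
}

/** Counts findings per taint class (the checkstyle "source" attribute). */
function countBySource( array $findings ): array {
    $counts = [];
    foreach ( $findings as $f ) {
        $counts[$f['source']] = ( $counts[$f['source']] ?? 0 ) + 1;
    }
    ksort( $counts );
    return $counts;
}

/**
 * Gate policy: every error-severity finding blocks; a warning blocks only
 * when its taint class is listed in $blockingWarningSources. Shell sinks
 * belong there: taint reaching ffmpeg is command injection, not markup.
 */
function blockingFindings( array $findings, array $blockingWarningSources ): array {
    return array_values( array_filter(
        $findings,
        static function ( array $f ) use ( $blockingWarningSources ): bool {
            return $f['severity'] === 'error'
                || in_array( $f['source'], $blockingWarningSources, true );
        }
    ) );
}

// CLI entry point: exit 2 if the plugin is not declared, 1 on blocking findings.
$version = declaredTaintCheckVersion( COMPOSER_JSON );
if ( $version === null ) {
    fwrite( STDERR, "composer.json does not declare extra.phan-taint-check-plugin\n" );
    exit( 2 );
}
echo "phan-taint-check-plugin $version declared\n";

$findings = parseCheckstyle( CHECKSTYLE_XML );
foreach ( countBySource( $findings ) as $source => $n ) {
    echo sprintf( "%-30s %d\n", $source, $n );
}
$blocking = blockingFindings( $findings, [ 'SecurityCheck-ShellInjection' ] );
foreach ( $blocking as $f ) {
    echo sprintf( "BLOCK %s:%d [%s] %s\n", $f['file'], $f['line'], $f['source'], $f['message'] );
}
exit( $blocking === [] ? 0 : 1 );
```

Run as a plain CLI script (for example `php seccheck-gate.php`, a hypothetical filename). On the sample report it prints the per-class counts and two BLOCK lines (the ffmpegEncode and getID3::analyze "always unsafe" findings, which are exactly the shell-related ones the description flags as the hard part) and exits 1; the XSS and DoubleEscaped warnings are reported but do not fail the build under this policy, which is a deliberate choice to make while the warnings are still being triaged.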

Details

Related Gerrit Patches:
mediawiki/extensions/TimedMediaHandler (master): Fix phan-taint-check warnings, and add it to extra of composer.json
integration/config (master): Enable seccheck for TimedMediaHandler

Event Timeline

Restricted Application added a subscriber: Aklapper. Aug 21 2018, 10:13 AM

Issue in SpecialOrphanedTimedText.php is handled in T202371

Change 458945 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/TimedMediaHandler@master] Fix phan-taint-check warnings, and add it to extra of composer.json

https://gerrit.wikimedia.org/r/458945

Change 458957 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[integration/config@master] Enable seccheck for TimedMediaHandler

https://gerrit.wikimedia.org/r/458957

Change 458957 merged by jenkins-bot:
[integration/config@master] Enable seccheck for TimedMediaHandler

https://gerrit.wikimedia.org/r/458957

Change 458945 merged by jenkins-bot:
[mediawiki/extensions/TimedMediaHandler@master] Fix phan-taint-check warnings, and add it to extra of composer.json

https://gerrit.wikimedia.org/r/458945

Legoktm closed this task as Resolved. Sep 8 2018, 3:43 AM
Legoktm assigned this task to Bawolff.
sbassett triaged this task as Normal priority. Tue, Oct 15, 7:32 PM