It would be good to add phan-taint-check-plugin to the FlaggedRevs extension's static analysis. Running it against the current code produces the checkstyle report below:
<?xml version="1.0" encoding="ISO-8859-15"?> <checkstyle version="6.5"> <file name="./frontend/FlaggablePageView.php"> <error line="2070" severity="warning" message="Calling method \Xml::tags() in \FlaggablePageView::addReviewCheck that outputs using tainted argument $attribs. (Caused by: Builtin-\Xml::tags) (Caused by: ./frontend/FlaggablePageView.php +2069)" source="SecurityCheck-DoubleEscaped"/> </file> <file name="./maintenance/clearCachedText.php"> <error line="63" severity="warning" message="Echoing expression that was not html escaped (Caused by: ./maintenance/clearCachedText.php +20; ./maintenance/clearCachedText.php +60)" source="SecurityCheck-XSS"/> </file> <file name="./maintenance/fixBug28348.php"> <error line="49" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \FixBug28348::update_images_bug_28348 that outputs using tainted argument $cond. (Caused by: ./maintenance/fixBug28348.php +47; ./maintenance/fixBug28348.php +32; ./maintenance/fixBug28348.php +46; ./maintenance/fixBug28348.php +41; ./maintenance/fixBug28348.php +32; ./maintenance/fixBug28348.php +46)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/flagToSemiProtect.php"> <error line="67" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \FlagProtectToSemiProtect::flag_to_semi_protect that outputs using tainted argument $[arg #3]. (Caused by: ./maintenance/flagToSemiProtect.php +54; ./maintenance/flagToSemiProtect.php +62; ./maintenance/flagToSemiProtect.php +54)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/populateRevTimestamp.php"> <error line="55" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \PopulateFRRevTimestamp::populate_fr_rev_timestamp that outputs using tainted argument $cond. 
(Caused by: ./maintenance/populateRevTimestamp.php +54; ./maintenance/populateRevTimestamp.php +34; ./maintenance/populateRevTimestamp.php +39; ./maintenance/populateRevTimestamp.php +53; ./maintenance/populateRevTimestamp.php +48; ./maintenance/populateRevTime...)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/pruneRevData.php"> <error line="60" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \PruneFRIncludeData::prune_flaggedrevs that outputs using tainted argument $cond. (Caused by: ./maintenance/pruneRevData.php +59; ./maintenance/pruneRevData.php +42; ./maintenance/pruneRevData.php +58; ./maintenance/pruneRevData.php +50; ./maintenance/pruneRevData.php +42; ./maintenance/pruneRevData.php +58)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/purgeReviewablePages.php"> <error line="75" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \PurgeReviewablePages::list_reviewable_pages that outputs using tainted argument $[arg #3]. (Caused by: ./maintenance/purgeReviewablePages.php +61; ./maintenance/purgeReviewablePages.php +69; ./maintenance/purgeReviewablePages.php +61)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/reviewAllPages.php"> <error line="59" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \ReviewAllPages::autoreview_current that outputs using tainted argument $[arg #3]. (Caused by: ./maintenance/reviewAllPages.php +43; ./maintenance/reviewAllPages.php +51; ./maintenance/reviewAllPages.php +43)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/updateAutoPromote.php"> <error line="41" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \UpdateFRAutoPromote::execute that outputs using tainted argument $cond. 
(Caused by: ./maintenance/updateAutoPromote.php +40; ./maintenance/updateAutoPromote.php +38; ./maintenance/updateAutoPromote.php +37; ./maintenance/updateAutoPromote.php +29)" source="SecurityCheck-SQLInjection"/> </file> <file name="./maintenance/updateTracking.php"> <error line="75" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \UpdateFRTracking::update_flaggedrevs that outputs using tainted argument $cond. (Caused by: ./maintenance/updateTracking.php +73; ./maintenance/updateTracking.php +58; ./maintenance/updateTracking.php +72; ./maintenance/updateTracking.php +67; ./maintenance/updateTracking.php +58; ./maintenance/updateTracking.php +72)" source="SecurityCheck-SQLInjection"/> <error line="167" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \UpdateFRTracking::update_flaggedpages that outputs using tainted argument $cond. (Caused by: ./maintenance/updateTracking.php +166; ./maintenance/updateTracking.php +152; ./maintenance/updateTracking.php +165; ./maintenance/updateTracking.php +161; ./maintenance/updateTracking.php +152; ./maintenance/updateTracking.php +165)" source="SecurityCheck-SQLInjection"/> <error line="210" severity="error" message="Calling method \Wikimedia\Rdbms\Database::delete() in \UpdateFRTracking::update_flaggedpages that outputs using tainted argument $[arg #2]. (Caused by: ../../includes/libs/rdbms/database/Database.php +2895) (Caused by: ./maintenance/updateTracking.php +152; ./maintenance/updateTracking.php +165; ./maintenance/updateTracking.php +161; ./maintenance/updateTracking.php +152; ./maintenance/updateTracking.php +165)" source="SecurityCheck-SQLInjection"/> <error line="252" severity="error" message="Calling method \Wikimedia\Rdbms\Database::update() in \UpdateFRTracking::update_flaggedimages that outputs using tainted argument $[arg #3]. 
(Caused by: ./maintenance/updateTracking.php +249; ./maintenance/updateTracking.php +235; ./maintenance/updateTracking.php +248; ./maintenance/updateTracking.php +244; ./maintenance/updateTracking.php +235; ./maintenance/updateTracking.php +248)" source="SecurityCheck-SQLInjection"/> </file> </checkstyle>
Most of the findings are SecurityCheck-SQLInjection errors in the maintenance scripts, where the tainted argument is a `$cond` / where-clause passed to `Database::select()`, `delete()` or `update()`. These may well be false positives: maintenance scripts run from the command line rather than from web requests, so the flagged values may never carry user-controlled input; however, each one should still be checked (and the condition rewritten as an array or built with `addQuotes()` / `buildComparison()` where it is string-concatenated) rather than suppressed wholesale. The SecurityCheck-XSS warning in `clearCachedText.php` is an `echo` to the console, not HTML output, and is almost certainly benign. The SecurityCheck-DoubleEscaped warning in `FlaggablePageView::addReviewCheck` is in frontend code and is worth a real look, since `Xml::tags()` escapes attribute values itself.