
Add phan-taint-check-plugin to EducationProgram extension
Closed, Resolved (Public)

Description

Would be nice to add phan-taint-check-plugin to the EducationProgram extension

<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
  <file name="./includes/actions/HistoryAction.php">
    <error line="94" severity="warning" message="Calling method \OutputPage::addHTML() in \EducationProgram\HistoryAction::displayRevisions that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/actions/HistoryAction.php +71)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./includes/actions/ViewOrgAction.php">
    <error line="99" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\ViewOrgAction::getSummaryData that outputs using tainted argument $stat." source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./includes/pagers/ArticleTable.php">
    <error line="375" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: ./includes/pagers/ArticleTable.php +372; ../../includes/user/UserGroupMembership.php +402; ./includes/pagers/ArticleTable.php +375)" source="SecurityCheck-XSS"/>
    <error line="375" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: ./includes/pagers/ArticleTable.php +372; ../../includes/user/UserGroupMembership.php +402; ./includes/pagers/ArticleTable.php +375; ./includes/pagers/ArticleTable.php +404)" source="SecurityCheck-XSS"/>
    <error line="375" severity="warning" message="Calling method \Linker::link() in \EducationProgram\ArticleTable::getArticleCell that outputs using tainted argument $html. (Caused by: ../../includes/Linker.php +113) (Caused by: ./includes/pagers/ArticleTable.php +372; ../../includes/user/UserGroupMembership.php +402; ./includes/pagers/ArticleTable.php +375)" source="SecurityCheck-XSS"/>
    <error line="375" severity="warning" message="Calling method \Linker::link() in \EducationProgram\ArticleTable::getArticleCell that outputs using tainted argument $html. (Caused by: ../../includes/Linker.php +113) (Caused by: ./includes/pagers/ArticleTable.php +372; ../../includes/user/UserGroupMembership.php +402; ./includes/pagers/ArticleTable.php +375; ./includes/pagers/ArticleTable.php +404)" source="SecurityCheck-XSS"/>
    <error line="404" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: ./includes/pagers/ArticleTable.php +372; ../../includes/user/UserGroupMembership.php +402; ./includes/pagers/ArticleTable.php +375)" source="SecurityCheck-XSS"/>
    <error line="404" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: ./includes/pagers/ArticleTable.php +372; ../../includes/user/UserGroupMembership.php +402; ./includes/pagers/ArticleTable.php +375; ./includes/pagers/ArticleTable.php +404)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./includes/pagers/CoursePager.php">
    <error line="146" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\CoursePager::getFormattedValue that outputs using tainted argument $value." source="SecurityCheck-DoubleEscaped"/>
    <error line="158" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\CoursePager::getFormattedValue that outputs using tainted argument $[arg #1]. (Caused by: ./includes/pagers/CoursePager.php +153)" source="SecurityCheck-DoubleEscaped"/>
    <error line="165" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\CoursePager::getFormattedValue that outputs using tainted argument $[arg #1]. (Caused by: ./includes/pagers/CoursePager.php +153; ./includes/pagers/CoursePager.php +158)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./includes/pagers/OrgPager.php">
    <error line="114" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\OrgPager::getFormattedValue that outputs using tainted argument $[arg #1]." source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./includes/pagers/StudentActivityPager.php">
    <error line="106" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\StudentActivityPager::getFormattedValue that outputs using tainted argument $[arg #1]." source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="./includes/pagers/StudentPager.php">
    <error line="91" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\StudentPager::getFormattedValue that outputs using tainted argument $[arg #1]." source="SecurityCheck-DoubleEscaped"/>
  </file>
</checkstyle>

Possibly affected by T183174
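As an added example (not part of this task or of the extension's code), a small Python parser for the checkstyle output above: it pulls each finding's "Caused by" taint-flow chain out of the message text and counts findings per check, the kind of summariser a CI seccheck job could gate on. The embedded report is a constructed two-entry excerpt of the listing above, and the choice of which check categories should block a build is an assumption.

```python
"""Parse phan-taint-check-plugin checkstyle output and summarise findings by check."""
import re
from collections import Counter
from dataclasses import dataclass, field
from xml.etree import ElementTree as ET

# Constructed sample: a two-entry excerpt of the checkstyle report from the task description.
SAMPLE_REPORT = r"""<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
  <file name="./includes/actions/HistoryAction.php">
    <error line="94" severity="warning" message="Calling method \OutputPage::addHTML() in \EducationProgram\HistoryAction::displayRevisions that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/actions/HistoryAction.php +71)" source="SecurityCheck-XSS"/>
  </file>
  <file name="./includes/pagers/CoursePager.php">
    <error line="146" severity="warning" message="Calling method \htmlspecialchars() in \EducationProgram\CoursePager::getFormattedValue that outputs using tainted argument $value." source="SecurityCheck-DoubleEscaped"/>
  </file>
</checkstyle>
"""

# The plugin appends one or more "(Caused by: a +N; b +M)" groups describing the taint flow.
CAUSED_BY = re.compile(r"\(Caused by: ([^)]*)\)")


@dataclass
class Finding:
    file: str
    line: int
    severity: str
    source: str                                  # check name, e.g. SecurityCheck-XSS
    message: str
    caused_by: list = field(default_factory=list)  # taint-flow steps, in the order reported


def parse_checkstyle(xml_text):
    """Return one Finding per <error>, with its Caused-by chain split into steps."""
    findings = []
    for file_el in ET.fromstring(xml_text).iter("file"):
        for err in file_el.iter("error"):
            msg = err.get("message", "")
            chain = [step.strip() for grp in CAUSED_BY.findall(msg) for step in grp.split(";")]
            findings.append(Finding(file_el.get("name"), int(err.get("line")), err.get("severity"),
                                    err.get("source"), msg, chain))
    return findings


def summarize(findings):
    """Count findings per check so XSS and the noisier DoubleEscaped class are tracked apart."""
    return dict(Counter(f.source for f in findings))


def blocking_findings(findings, blocking=("SecurityCheck-XSS",)):
    """Findings a CI gate should fail on (assumption: only injection classes block, not double escaping)."""
    return [f for f in findings if f.source in blocking]
```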

Details

Related Gerrit Patches:
integration/config (master): seccheck for EducationProgram
mediawiki/extensions/EducationProgram (master): Fix phan-taint-check-plugin issues

Event Timeline

Restricted Application added a subscriber: Aklapper. Aug 21 2018, 11:17 AM

Change 456808 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/EducationProgram@master] Fix phan-taint-check-plugin issues

https://gerrit.wikimedia.org/r/456808

Legoktm claimed this task. Sep 1 2018, 6:33 AM

Change 456808 merged by jenkins-bot:
[mediawiki/extensions/EducationProgram@master] Fix phan-taint-check-plugin issues

https://gerrit.wikimedia.org/r/456808

Change 457068 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[integration/config@master] seccheck for EducationProgram

https://gerrit.wikimedia.org/r/457068

Change 457068 merged by jenkins-bot:
[integration/config@master] seccheck for EducationProgram

https://gerrit.wikimedia.org/r/457068

Legoktm closed this task as Resolved. Sep 1 2018, 10:20 PM
sbassett triaged this task as Medium priority. Oct 15 2019, 7:34 PM