Would be nice to add phan-taint-check-plugin to CheckUser extensions
<?xml version="1.0" encoding="ISO-8859-15"?> <checkstyle version="6.5"> <file name="./includes/specials/SpecialCheckUser.php"> <error line="766" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCheckUser::doIPEditsRequest that outputs using tainted argument $s. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCheckUser.php +760; ./includes/specials/SpecialCheckUser.php +763; ./includes/specials/SpecialCheckUser.php +766)" source="SecurityCheck-XSS"/> <error line="868" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCheckUser::doUserEditsRequest that outputs using tainted argument $s. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCheckUser.php +858; ./includes/specials/SpecialCheckUser.php +855; ./includes/specials/SpecialCheckUser.php +860; ./includes/specials/SpecialCheckUser.php +864; ./includes/specials/SpecialCheckUser.php +866)" source="SecurityCheck-XSS"/> <error line="901" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCheckUser::doUserEditsRequest that outputs using tainted argument $html. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCheckUser.php +896; ./includes/specials/SpecialCheckUser.php +898)" source="SecurityCheck-XSS"/> </file> </checkstyle>
The issue is in CUChangesLine, but I cannot find the line in this string concat