Database::isWriteQuery() returns true if the query has leading whitespace
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Legoktm
	Dec 18 2019, 6:37 AM

Description

>>> $dbr->isWriteQuery( 'SELECT foo' );
=> false
>>> $dbr->isWriteQuery( ' SELECT foo' );
=> true

Yes there probably shouldn't be leading whitespace in a query but the failure mode is weird, because it throws an exception for trying to do a write query on DB_REPLICA. Seen in the SelectCategory extension.

Details

	Subject	Repo	Branch	Lines +/-
	rdbms: Account for leading spaces in isWriteQuery	mediawiki/core	master	+30 -1
	rdbms: Account for leading spaces in isWriteQuery	mediawiki/extensions/AbuseFilter	master	+0 -0

Customize query in gerrit

Event Timeline

Legoktm created this task.Dec 18 2019, 6:37 AM

Restricted Application added a project: Platform Engineering. · View Herald TranscriptDec 18 2019, 6:37 AM

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

That extension is using query() rather than the usual query-building methods like select(), which is a code smell IMO.

Change 559466 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/extensions/AbuseFilter@master] rdbms: Account for leading spaces in isWriteQuery

https://gerrit.wikimedia.org/r/559466

Change 559466 abandoned by Daimona Eaytoy:
rdbms: Account for leading spaces in isWriteQuery

Reason:
Whoops, wrong repo

https://gerrit.wikimedia.org/r/559466

Change 559467 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/core@master] rdbms: Account for leading spaces in isWriteQuery

https://gerrit.wikimedia.org/r/559467

In T241034#5751684, @Anomie wrote:

That extension is using query() rather than the usual query-building methods like select(), which is a code smell IMO.

I second that. Nevertheless, I believe this issue should be fixed.

Krinkle moved this task from Untriaged to Rdbms library on the MediaWiki-libs-Rdbms board.Dec 20 2019, 3:49 PM

Umherirrender closed this task as Resolved.Dec 30 2019, 9:24 PM

Change 559467 merged by jenkins-bot:
[mediawiki/core@master] rdbms: Account for leading spaces in isWriteQuery

https://gerrit.wikimedia.org/r/559467

ReleaseTaggerBot added a project: MW-1.35-notes (1.35.0-wmf.14; 2020-01-07).Dec 30 2019, 10:00 PM

Maintenance_bot removed a project: Patch-For-Review.Dec 30 2019, 10:10 PM

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:38 PM