Page MenuHomePhabricator
Create Task
Maniphest T44627

Placeholder for bugs related to security audit of CLIENT
Closed, ResolvedPublic
Actions

Description

Can't find the correct bug, using this as a placeholder for now.

There are several bugs reported in an email. This lists the issues and fixes
for the client.

./client/includes/store/sql/SiteLinkRemoteTable.php

  • Please intval $item->getId()->getNumericId() before concating into

sql Line 108

Version: unspecified
Severity: major

Details

Reference
bz42627

Event Timeline

bzimport raised the priority of this task from to Unbreak Now!.Nov 22 2014, 1:11 AM
bzimport added a project: MediaWiki-extensions-WikibaseClient.
bzimport set Reference to bz42627.
jeblad created this task.Dec 2 2012, 4:18 PM
jeblad added a comment.Dec 2 2012, 4:32 PM

Change I67cb1ba9: Added casts to numeric id in EntityId

The call to getNumericId() should not be able to return anything except an integer.

Aklapper added a comment.Dec 3 2012, 10:04 AM

jeblad: I don't understand what is meant by "Can't find the correct bug, using this as a placeholder for now". That there should be a bug report already?
If so, it might be in the "Security" product instead.

Abraham added a comment.Dec 12 2012, 4:34 PM

Verified in Wikidata demo sprint 26

Luke081515 removed a subscriber: wikibugs-l-list.Jan 28 2016, 6:02 PM
Restricted Application added a project: Wikidata. · View Herald TranscriptJan 28 2016, 6:02 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL