From: Brian Wolff Date: Mon, 18 Apr 2016 16:45:56 +0000 (-0400) Subject: SECURITY: Do not allow undeleting a revdel'd file if its top file X-Git-Tag: 1.31.0-rc.0~5956^2 X-Git-Url: http://git.cyclocoop.org/%40spipnet%40?a=commitdiff_plain;h=5c24203c6ed3153a629eb2e6b812b96f27155bd0;p=lhc%2Fweb%2Fwiklou.git SECURITY: Do not allow undeleting a revdel'd file if its top file This prevents admins being able to view suppressed files, by simply deleting them, and then undeleting only the file revision that they want to view. This dates back to r43288. Unclear if it was intentional. Bug: T132926 Change-Id: Ib767de853a37099305db20529378fa756ee1bdfe
---
diff --git a/includes/filerepo/file/LocalFile.php b/includes/filerepo/file/LocalFile.php
index 91d628c826..7e6e651746 100644
--- a/includes/filerepo/file/LocalFile.php
+++ b/includes/filerepo/file/LocalFile.php
@@ -2596,8 +2596,9 @@ class LocalFileRestoreBatch {
 // The live (current) version cannot be hidden!
 if ( !$this->unsuppress && $row->fa_deleted ) {
- $storeBatch[] = [ $deletedUrl, 'public', $destRel ];
- $this->cleanupBatch[] = $row->fa_storage_key;
+ $status->fatal( 'undeleterevdel' );
+ $this->file->unlock();
+ return $status;
 }
 } else {
 $archiveName = $row->fa_archive_name;
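Review bot: The new guard is skipped whenever `$this->unsuppress` is set, so the fix is only as strong as the rights check on whoever sets that flag. That check is not visible in this hunk and should be confirmed or noted next to the condition. The existing comment also no longer explains the branch, which now rejects the restore instead of publishing the file. I would replace it with `// Abort: restoring a revdel'd revision as the current version would publish hidden content unless the caller explicitly unsuppresses (T132926).` The early return depends on a hand-written `$this->file->unlock()`, and because the enclosing method starts and ends outside the hunk I cannot tell whether its other exit paths release the lock the same way. No regression test for the delete-then-selective-undelete path appears in the patch as shown.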