From: Reedy <reedy@wikimedia.org>
Date: Tue, 28 Mar 2017 20:47:08 +0000 (+0100)
Subject: SECURITY: Don't write LocalisationCache to temporary directory
X-Git-Tag: 1.31.0-rc.0~3570^2~2
X-Git-Url: http://git.cyclocoop.org/%27-%20%20.%20url_absolue%28find_in_path%28%27spip_style.css%27%29%29%20%20%20.%20url_absolue%28find_in_path%28%27prive/spip_style.css%27%29%29%20.%20%27?a=commitdiff_plain;h=b2301ab354afb1688862a78cdcac76bee91fe81c;p=lhc%2Fweb%2Fwiklou.git

SECURITY: Don't write LocalisationCache to temporary directory

Bug: T161453
Change-Id: I51b375c63fcece908da921c465c861968c9eee1c
---

diff --git a/RELEASE-NOTES-1.29 b/RELEASE-NOTES-1.29
index 25f72a8c0e..8b099bd893 100644
--- a/RELEASE-NOTES-1.29
+++ b/RELEASE-NOTES-1.29
@@ -35,6 +35,8 @@ production.
 * (T156983) $wgRateLimitsExcludedIPs now accepts CIDR ranges as well as single IPs.
 * $wgDummyLanguageCodes is deprecated. Additional language code mappings may be
   added to $wgExtraLanguageCodes instead.
+* (T161453) LocalisationCache will no longer use the temporary directory in it's
+  fallback chain when trying to work out where to write the cache.
 
 === New features in 1.29 ===
 * (T5233) A cookie can now be set when a user is autoblocked, to track that user
@@ -97,6 +99,8 @@ production.
 * (T156184) SECURITY: Escape content model/format url parameter in message.
 * (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
   declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+  in it's fallback chain when trying to work out where to write the cache.
 
 === Action API changes in 1.29 ===
 * Submitting sensitive authentication request parameters to action=login,
diff --git a/includes/cache/localisation/LocalisationCache.php b/includes/cache/localisation/LocalisationCache.php
index cbff113761..d499340d0e 100644
--- a/includes/cache/localisation/LocalisationCache.php
+++ b/includes/cache/localisation/LocalisationCache.php
@@ -212,19 +212,17 @@ class LocalisationCache {
 				case 'detect':
 					if ( !empty( $conf['storeDirectory'] ) ) {
 						$storeClass = 'LCStoreCDB';
+					} elseif ( $wgCacheDirectory ) {
+						$storeConf['directory'] = $wgCacheDirectory;
+						$storeClass = 'LCStoreCDB';
 					} else {
-						$cacheDir = $wgCacheDirectory ?: wfTempDir();
-						if ( $cacheDir ) {
-							$storeConf['directory'] = $cacheDir;
-							$storeClass = 'LCStoreCDB';
-						} else {
-							$storeClass = 'LCStoreDB';
-						}
+						$storeClass = 'LCStoreDB';
 					}
 					break;
 				default:
 					throw new MWException(
-						'Please set $wgLocalisationCacheConf[\'store\'] to something sensible.' );
+						'Please set $wgLocalisationCacheConf[\'store\'] to something sensible.'
+					);
 			}
 		}