dépôts / lhc / web / wiklou.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f05bf40)
Fix some phan-taint-check false positives
authorBrian Wolff <bawolff+wn@gmail.com>
Thu, 20 Sep 2018 05:38:05 +0000 (05:38 +0000)
committerKunal Mehta <legoktm@member.fsf.org>
Sat, 22 Sep 2018 00:27:44 +0000 (17:27 -0700)
Change-Id: Ic5ccbb3f97722476bee7188b83b80cdc652d2a64

includes/actions/RawAction.php patch | blob | history
includes/changetags/ChangeTags.php patch | blob | history
includes/installer/MysqlUpdater.php patch | blob | history
includes/libs/rdbms/database/DatabasePostgres.php patch | blob | history
includes/pager/IndexPager.php patch | blob | history

diff --git a/includes/actions/RawAction.php b/includes/actions/RawAction.php
index 50eb28a..817c9fd 100644 (file)
--- a/includes/actions/RawAction.php
+++ b/includes/actions/RawAction.php
@@ -47,6 +47,9 @@ class RawAction extends FormlessAction {
                return false;
        }
 
+       /**
+        * @suppress SecurityCheck-XSS Non html mime type
+        */
        function onView() {
                $this->getOutput()->disable();
                $request = $this->getRequest();
diff --git a/includes/changetags/ChangeTags.php b/includes/changetags/ChangeTags.php
index 008a2f6..45a35c0 100644 (file)
--- a/includes/changetags/ChangeTags.php
+++ b/includes/changetags/ChangeTags.php
@@ -88,6 +88,7 @@ class ChangeTags {
         * @return array Array with two items: (html, classes)
         *   - html: String: HTML for displaying the tags (empty string when param $tags is empty)
         *   - classes: Array of strings: CSS classes used in the generated html, one class for each tag
+        * @return-taint onlysafefor_htmlnoent
         */
        public static function formatSummaryRow( $tags, $page, IContextSource $context = null ) {
                if ( !$tags ) {
diff --git a/includes/installer/MysqlUpdater.php b/includes/installer/MysqlUpdater.php
index 2423634..6430ece 100644 (file)
--- a/includes/installer/MysqlUpdater.php
+++ b/includes/installer/MysqlUpdater.php
@@ -601,7 +601,7 @@ class MysqlUpdater extends DatabaseUpdater {
 
                        foreach ( $rows as $row ) {
                                if ( $prev_title == $row->cur_title && $prev_namespace == $row->cur_namespace ) {
-                                       $deleteId[] = $row->cur_id;
+                                       $deleteId[] = (int)$row->cur_id;
                                }
                                $prev_title = $row->cur_title;
                                $prev_namespace = $row->cur_namespace;
diff --git a/includes/libs/rdbms/database/DatabasePostgres.php b/includes/libs/rdbms/database/DatabasePostgres.php
index 3c2f145..691a4b7 100644 (file)
--- a/includes/libs/rdbms/database/DatabasePostgres.php
+++ b/includes/libs/rdbms/database/DatabasePostgres.php
@@ -861,6 +861,9 @@ __INDEXATTR__;
                return false;
        }
 
+       /**
+        * @suppress SecurityCheck-SQLInjection array_map not recognized T204911
+        */
        public function listTables( $prefix = null, $fname = __METHOD__ ) {
                $eschemas = implode( ',', array_map( [ $this, 'addQuotes' ], $this->getCoreSchemas() ) );
                $result = $this->query(
diff --git a/includes/pager/IndexPager.php b/includes/pager/IndexPager.php
index 7ce125d..05af4fd 100644 (file)
--- a/includes/pager/IndexPager.php
+++ b/includes/pager/IndexPager.php
@@ -80,6 +80,7 @@ abstract class IndexPager extends ContextSource implements Pager {
        public $mDefaultLimit = 50;
        public $mOffset, $mLimit;
        public $mQueryDone = false;
+       /** @var IDatabase */
        public $mDb;
        public $mPastTheEndRow;
 
Wiklou, le Wiki du Wiklou