Various fixes for phan-taint-check

Change-Id: I56f42ef2d2e9b4f3c23e1e93d1a4d3db64f16de7

diff --git a/maintenance/includes/MigrateActors.php b/maintenance/includes/MigrateActors.php
index ba6c375..ef8756f 100644 (file)
--- a/maintenance/includes/MigrateActors.php
+++ b/maintenance/includes/MigrateActors.php
@@ -144,6 +144,8 @@ class MigrateActors extends LoggedUpdateMaintenance {
 
        /**
         * Add actors for anons in a set of rows
+        *
+        * @suppress SecurityCheck-SQLInjection The array_keys/array_map is too much for static analysis
         * @param IDatabase $dbw
         * @param string $nameField
         * @param object[] &$rows

diff --git a/maintenance/renameDbPrefix.php b/maintenance/renameDbPrefix.php
index 73bc4d9..e5aa23e 100644 (file)
--- a/maintenance/renameDbPrefix.php
+++ b/maintenance/renameDbPrefix.php
@@ -82,7 +82,9 @@ class RenameDbPrefix extends Maintenance {
                                // $old should be regexp safe ([a-zA-Z_])
                                $newTable = preg_replace( '/^' . $old . '/', $new, $table );
                                $this->output( "Renaming table $table to $newTable\n" );
-                               $dbw->query( "RENAME TABLE $table TO $newTable" );
+                               $oldTableEnc = $dbw->addIdentifierQuotes( $table );
+                               $newTableEnc = $dbw->addIdentifierQuotes( $newTable );
+                               $dbw->query( "RENAME TABLE $oldTableEnc TO $newTableEnc" );
                        }
                        $count++;
                }