(Bug 45355) Read of arbitrary files through mwdoc-filter.php

The file maintenance/mwdoc-filter.php can be abused under certain server
configurations to read the contents of arbitrary files.

In case you
 - you have deleted the maintenance folder or
 - you have that folder denied in the server configuration or
 - the server is processing .htaccess overrides or
 - you are using PHP 5.4.0 (or later) or
 - you have register_globals disabled
it is believed that you are not vulnerable.

See https://bugzilla.wikimedia.org/45355 for details.

Change-Id: I3c49439b25896a6100ce415629353bccfc84490a

diff --git a/maintenance/mwdoc-filter.php b/maintenance/mwdoc-filter.php
index ab05a3e..6eeb48d 100644 (file)
--- a/maintenance/mwdoc-filter.php
+++ b/maintenance/mwdoc-filter.php
@@ -11,6 +11,10 @@
  * @file
  */
 
+if ( PHP_SAPI != 'cli' ) {
+       die( "This filter can only be run from the command line.\n" );
+}
+
 $source = file_get_contents( $argv[1] );
 $regexp = '#\@var\s+([^\s]+)([^/]+)/\s+(var|public|protected|private)\s+(\$[^\s;=]+)#';
 $replac = '${2} */ ${3} ${1} ${4}';