From: Brian Wolff Date: Sun, 17 Feb 2019 11:41:11 +0000 (+0000) Subject: Various fixes for phan-taint-check X-Git-Tag: 1.34.0-rc.0~2777^2 X-Git-Url: http://git.cyclocoop.org/data/%27%20.%20mediabox_timestamp%28find_in_path%28%27javascript/%7B%24www_url%7Dadmin/compta/operations/%40%20%27info_etape_suivante_2%27%20=%3E%20%27You%20can%20move%20on%20to%20the%20next%20step.%27%2C%20%27info_exceptions_proxy%27%20=%3E%20%27Exceptions%20for%20the%20proxy%27%2C%20%27info_exportation_base%27%20=%3E%20%27export%20database%20to%20%40archive%40%27%2C-%27info_facilite_suivi_activite%27%20=%3E%20%27To%20simplify%20monitoring%20of%20the%20site/%27s%20editorial;-%20%20activities%2C%20SPIP%20can%20send%20rmail%20notifications%2C%20e.g.%20to%20an%20editors/%27.%28%24current%20%3E%202?a=commitdiff_plain;h=286d49011f5ad2593cb1cd8fff04369d9dc947c7;p=lhc%2Fweb%2Fwiklou.git Various fixes for phan-taint-check Bug: T216348 Change-Id: I0adafdc680dae0e930f38f08fe926645c57be06c --- diff --git a/includes/installer/DatabaseInstaller.php b/includes/installer/DatabaseInstaller.php index bb30d3d1ef..6315de465b 100644 --- a/includes/installer/DatabaseInstaller.php +++ b/includes/installer/DatabaseInstaller.php @@ -373,6 +373,7 @@ abstract class DatabaseInstaller { /** * Perform database upgrades * + * @suppress SecurityCheck-XSS Escaping provided by $this->outputHandler * @return bool */ public function doUpgrade() { diff --git a/includes/installer/Installer.php b/includes/installer/Installer.php index 5a3d77adf4..20661f240d 100644 --- a/includes/installer/Installer.php +++ b/includes/installer/Installer.php @@ -1464,6 +1464,7 @@ abstract class Installer { /** * Installs the auto-detected extensions. * + * @suppress SecurityCheck-OTHER It thinks $exts/$IP is user controlled but they are not. * @return Status */ protected function includeExtensions() { diff --git a/includes/jobqueue/JobQueueDB.php b/includes/jobqueue/JobQueueDB.php index fa17284ecd..cda0636c86 100644 --- a/includes/jobqueue/JobQueueDB.php +++ b/includes/jobqueue/JobQueueDB.php @@ -206,6 +206,7 @@ class JobQueueDB extends JobQueue { /** * This function should *not* be called outside of JobQueueDB * + * @suppress SecurityCheck-SQLInjection Bug in phan-taint-check handling bulk inserts * @param IDatabase $dbw * @param IJobSpecification[] $jobs * @param int $flags diff --git a/includes/parser/LinkHolderArray.php b/includes/parser/LinkHolderArray.php index f4856be96d..078c819d6f 100644 --- a/includes/parser/LinkHolderArray.php +++ b/includes/parser/LinkHolderArray.php @@ -275,6 +275,7 @@ class LinkHolderArray { /** * Replace internal links + * @suppress SecurityCheck-XSS Gets confused with $entry['pdbk'] * @param string &$text */ protected function replaceInternal( &$text ) { @@ -418,6 +419,7 @@ class LinkHolderArray { /** * Replace interwiki links * @param string &$text + * @suppress SecurityCheck-XSS Gets confused with $this->interwikis['pdbk'] */ protected function replaceInterwiki( &$text ) { if ( empty( $this->interwikis ) ) {