From 5c24203c6ed3153a629eb2e6b812b96f27155bd0 Mon Sep 17 00:00:00 2001
From: Brian Wolff <bawolff+wn@gmail.com>
Date: Mon, 18 Apr 2016 12:45:56 -0400
Subject: [PATCH] SECURITY: Do not allow undeleting a revdel'd file if its top
 file

This prevents admins being able to view suppressed files, by simply
deleting them, and then undeleting only the file revision that they
want to view.

This dates back to r43288. Unclear if it was intentional.

Bug: T132926
Change-Id: Ib767de853a37099305db20529378fa756ee1bdfe
---
 includes/filerepo/file/LocalFile.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/includes/filerepo/file/LocalFile.php b/includes/filerepo/file/LocalFile.php
index 91d628c826..7e6e651746 100644
--- a/includes/filerepo/file/LocalFile.php
+++ b/includes/filerepo/file/LocalFile.php
@@ -2596,8 +2596,9 @@ class LocalFileRestoreBatch {
 
 				// The live (current) version cannot be hidden!
 				if ( !$this->unsuppress && $row->fa_deleted ) {
-					$storeBatch[] = [ $deletedUrl, 'public', $destRel ];
-					$this->cleanupBatch[] = $row->fa_storage_key;
+					$status->fatal( 'undeleterevdel' );
+					$this->file->unlock();
+					return $status;
 				}
 			} else {
 				$archiveName = $row->fa_archive_name;
-- 
2.20.1