r105071 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r105070‎ \| r105071 \| r105072 >
Date:	18:16, 3 December 2011
Author:	aaron
Status:	deferred
Tags:
Comment:	Made FSFileBackend::copy no longer use store() in order to improve error messages and avoid path disclosure
Modified paths:	/branches/FileBackend/phase3/includes/filerepo/FileRepo.php (modified) (history) /branches/FileBackend/phase3/includes/filerepo/backend/FSFileBackend.php (modified) (history) /branches/FileBackend/phase3/languages/messages/MessagesEn.php (modified) (history) /branches/FileBackend/phase3/maintenance/language/messages.inc (modified) (history)

Diff [purge]

Index: branches/FileBackend/phase3/maintenance/language/messages.inc
—	—	@@ -1356,6 +1356,7 @@
1357	1357	'backend-fail-invalidpath',
1358	1358	'backend-fail-delete',
1359	1359	'backend-fail-alreadyexists',
	1360	+ 'backend-fail-store',
1360	1361	'backend-fail-copy',
1361	1362	'backend-fail-move',
1362	1363	'backend-fail-opentemp',
Index: branches/FileBackend/phase3/includes/filerepo/backend/FSFileBackend.php
—	—	@@ -81,9 +81,44 @@
82	82	$status->fatal( 'backend-fail-invalidpath', $params['src'] );
83	83	return $status;
84	84	}
85		~~- $params['src'] = $source; // resolve source to FS path~~
86	85
87		~~- return $this->store( $params ); // both source and dest are on FS~~
	86	+ list( $c, $dest ) = $this->resolveStoragePath( $params['dst'] );
	87	+ if ( $dest === null ) {
	88	+ $status->fatal( 'backend-fail-invalidpath', $params['dst'] );
	89	+ return $status;
	90	+ }
	91	+
	92	+ if ( is_file( $dest ) ) {
	93	+ if ( !empty( $params['overwriteDest'] ) ) {
	94	+ wfSuppressWarnings();
	95	+ $ok = unlink( $dest );
	96	+ wfRestoreWarnings();
	97	+ if ( !$ok ) {
	98	+ $status->fatal( 'backend-fail-delete', $params['dst'] );
	99	+ return $status;
	100	+ }
	101	+ } else {
	102	+ $status->fatal( 'backend-fail-alreadyexists', $params['dst'] );
	103	+ return $status;
	104	+ }
	105	+ } else {
	106	+ if ( !wfMkdirParents( dirname( $dest ) ) ) {
	107	+ $status->fatal( 'directorycreateerror', $params['dst'] );
	108	+ return $status;
	109	+ }
	110	+ }
	111	+
	112	+ wfSuppressWarnings();
	113	+ $ok = copy( $source, $dest );
	114	+ wfRestoreWarnings();
	115	+ if ( !$ok ) {
	116	+ $status->fatal( 'backend-fail-copy', $params['src'], $params['dst'] );
	117	+ return $status;
	118	+ }
	119	+
	120	+ $this->chmod( $dest );
	121	+
	122	+ return $status;
88	123	}
89	124
90	125	function canMove( array $params ) {
Index: branches/FileBackend/phase3/includes/filerepo/FileRepo.php
—	—	@@ -1301,11 +1301,10 @@
1302	1302	* @return string
1303	1303	*/
1304	1304	function simpleClean( $param ) {
	1305	+ global $IP;
1305	1306	if ( !isset( $this->simpleCleanPairs ) ) {
1306		~~- global $IP;~~
1307	1307	$this->simpleCleanPairs = array(
1308		~~- $IP => '$IP',~~
1309		~~- dirname( __FILE__ ) => '$IP/extensions/WebStore', // WTF~~
	1308	+ $IP => '$IP', // sanity
1310	1309	);
1311	1310	}
1312	1311	return strtr( $param, $this->simpleCleanPairs );
Index: branches/FileBackend/phase3/languages/messages/MessagesEn.php
—	—	@@ -2263,6 +2263,7 @@
2264	2264	'backend-fail-invalidpath' => '$1 is not a valid storage path.',
2265	2265	'backend-fail-delete' => 'Could not delete file $1.',
2266	2266	'backend-fail-alreadyexists' => 'The file $1 already exists.',
	2267	+'backend-fail-store' => 'Could not store file $1 at $2',
2267	2268	'backend-fail-copy' => 'Could not copy file $1 to $2',
2268	2269	'backend-fail-move' => 'Could not move file $1 to $2',
2269	2270	'backend-fail-opentemp' => 'Could not open temporary file.',

Status & tagging log

23:51, 7 December 2011 Siebrand (talk | contribs) changed the status of r105071 [removed: new added: deferred]