r50170 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r50169‎ \| r50170 \| r50171 >
Date:	09:46, 4 May 2009
Author:	tstarling
Status:	deferred
Tags:
Comment:	Backported r49212/r50169: template loop check didn't work when redirects were involved. Backporting due to DoS risk.
Modified paths:	/branches/REL1_15/phase3 (modified) (history) /branches/REL1_15/phase3/RELEASE-NOTES (modified) (history) /branches/REL1_15/phase3/includes (modified) (history) /branches/REL1_15/phase3/includes/api (modified) (history) /branches/REL1_15/phase3/includes/parser/Parser.php (modified) (history) /branches/REL1_15/phase3/includes/specials (modified) (history)

Diff [purge]

Index: branches/REL1_15/phase3/includes/parser/Parser.php
—	—	@@ -2853,12 +2853,6 @@
2854	2854	if($wgContLang->hasVariants() && $title->getArticleID() == 0){
2855	2855	$wgContLang->findVariantLink( $part1, $title, true );
2856	2856	}
2857		~~- # Do infinite loop check~~
2858		~~- if ( !$frame->loopCheck( $title ) ) {~~
2859		~~- $found = true;~~
2860		~~- $text = '<span class="error">' . wfMsgForContent( 'parser-template-loop-warning', $titleText ) . '</span>';~~
2861		~~- wfDebug( __METHOD__.": template loop broken at '$titleText'\n" );~~
2862		~~- }~~
2863	2857	# Do recursion depth check
2864	2858	$limit = $this->mOptions->getMaxTemplateDepth();
2865	2859	if ( $frame->depth >= $limit ) {
—	—	@@ -2908,6 +2902,14 @@
2909	2903	}
2910	2904	$found = true;
2911	2905	}
	2906	+
	2907	+ # Do infinite loop check
	2908	+ # This has to be done after redirect resolution to avoid infinite loops via redirects
	2909	+ if ( !$frame->loopCheck( $title ) ) {
	2910	+ $found = true;
	2911	+ $text = '<span class="error">' . wfMsgForContent( 'parser-template-loop-warning', $titleText ) . '</span>';
	2912	+ wfDebug( __METHOD__.": template loop broken at '$titleText'\n" );
	2913	+ }
2912	2914	wfProfileOut( __METHOD__ . '-loadtpl' );
2913	2915	}
2914	2916
Property changes on: branches/REL1_15/phase3/includes/api
___________________________________________________________________
Name: svn:mergeinfo
2915	2917	- /trunk/phase3/includes/api:48813-48814,48819,48836,48886,48892,48909,48989,48992,49002,49051,49068,49086,49191-49192,49682,49685,49730,49775,50070
2916	2918	+ /trunk/phase3/includes/api:48813-48814,48819,48836,48886,48892,48909,48989,48992,49002,49051,49068,49086,49191-49192,49212,49682,49685,49730,49775,50070,50169
Property changes on: branches/REL1_15/phase3/includes/specials
___________________________________________________________________
Name: svn:mergeinfo
2917	2919	- /trunk/phase3/includes/specials:48836,48886,48892,48989,48992-48993,49002,49051,49068,49086,49191-49192,49682,49685,49730,49775,50070
/trunk/phase3/includes/specials/specials:48993
2918	2920	+ /trunk/phase3/includes/specials:48836,48886,48892,48989,48992-48993,49002,49051,49068,49086,49191-49192,49212,49682,49685,49730,49775,50070,50169
/trunk/phase3/includes/specials/specials:48993
Property changes on: branches/REL1_15/phase3/includes
___________________________________________________________________
Name: svn:mergeinfo
2919	2921	- /trunk/phase3/includes:48836,48886,48892,48989,48992,49002,49051,49068,49086,49191-49192,49682,49685,49730,49775,50070
/trunk/phase3/includes/specials:48993
2920	2922	+ /trunk/phase3/includes:48836,48886,48892,48989,48992,49002,49051,49068,49086,49191-49192,49212,49682,49685,49730,49775,50070,50169
/trunk/phase3/includes/specials:48993
Index: branches/REL1_15/phase3/RELEASE-NOTES
—	—	@@ -337,6 +337,9 @@
338	338	a POST request
339	339	* (bug 18099) Using appendtext to edit a non-existent page causes an interface
340	340	message to be included in the page text
	341	+* Fixed the circular template inclusion check, was broken when the loop
	342	+ involved redirects. Without this, infinite recursion within the parser is
	343	+ possible.
341	344
342	345	=== Languages updated in 1.15 ===
343	346
Property changes on: branches/REL1_15/phase3
___________________________________________________________________
Name: svn:mergeinfo
344	347	- /trunk/phase3:48814,48836,48886,48892,48909,48989,48992,49002,49051,49068,49086,49191-49192,49682,49685,49730,49775,50070
345	348	+ /trunk/phase3:48814,48836,48886,48892,48909,48989,48992,49002,49051,49068,49086,49191-49192,49212,49682,49685,49730,49775,50070,50169

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r49212	Move the circular reference check to after redirect resolution, to avoid in...	tstarling	15:01, 5 April 2009
r50169	Added release notes entry for user-visible change r49212: fix for template lo...	tstarling	09:42, 4 May 2009

Status & tagging log

07:09, 19 May 2009 Tim Starling (talk | contribs) changed the status of r50170 [removed: new added: deferred]
20:30, 4 May 2009 Brion VIBBER (talk | contribs) changed the status of r50170 [removed: new added: deferred]