r91022 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r91021‎ \| r91022 \| r91023 >
Date:	22:00, 28 June 2011
Author:	nelson
Status:	ok (Comments)
Tags:
Comment:	UploadStashFile::__construct() can't assume that the mwrepo-produced paths match the temp zone.
Modified paths:	/trunk/phase3/includes/upload/UploadStash.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/upload/UploadStash.php
—	—	@@ -258,20 +258,21 @@
259	259	// resolve mwrepo:// urls
260	260	if ( $repo->isVirtualUrl( $path ) ) {
261	261	$path = $repo->resolveVirtualUrl( $path );
262		~~- }~~
	262	+ } else {
263	263
264		~~- // check if path appears to be sane, no parent traversals, and is in this repo's temp zone.~~
265		~~- $repoTempPath = $repo->getZonePath( 'temp' );~~
266		~~- if ( ( ! $repo->validateFilename( $path ) ) \|\|~~
267		~~- ( strpos( $path, $repoTempPath ) !== 0 ) ) {~~
268		~~- wfDebug( "UploadStash: tried to construct an UploadStashFile from a file that should already exist at '$path', but path is not valid\n" );~~
269		~~- throw new UploadStashBadPathException( 'path is not valid' );~~
270		~~- }~~
	264	+ // check if path appears to be sane, no parent traversals, and is in this repo's temp zone.
	265	+ $repoTempPath = $repo->getZonePath( 'temp' );
	266	+ if ( ( ! $repo->validateFilename( $path ) ) \|\|
	267	+ ( strpos( $path, $repoTempPath ) !== 0 ) ) {
	268	+ wfDebug( "UploadStash: tried to construct an UploadStashFile from a file that should already exist at '$path', but path is not valid\n" );
	269	+ throw new UploadStashBadPathException( 'path is not valid' );
	270	+ }
271	271
272		~~- // check if path exists! and is a plain file.~~
273		~~- if ( ! $repo->fileExists( $path, FileRepo::FILES_ONLY ) ) {~~
274		~~- wfDebug( "UploadStash: tried to construct an UploadStashFile from a file that should already exist at '$path', but path is not found\n" );~~
275		~~- throw new UploadStashFileNotFoundException( 'cannot find path, or not a plain file' );~~
	272	+ // check if path exists! and is a plain file.
	273	+ if ( ! $repo->fileExists( $path, FileRepo::FILES_ONLY ) ) {
	274	+ wfDebug( "UploadStash: tried to construct an UploadStashFile from a file that should already exist at '$path', but path is not found\n" );
	275	+ throw new UploadStashFileNotFoundException( 'cannot find path, or not a plain file' );
	276	+ }
276	277	}
277	278
278	279	parent::__construct( false, $repo, $path, false );

Comments

#Comment by RussNelson (talk | contribs) 22:05, 28 June 2011

The only change is that the checks on the pathname are skipped if the path came from a virtual url. In particular, Swift is returning an actual local pathname (which are always temporary anyway), which doesn't match the temp zone (which is an actual Swift container whose name doesn't match /tmp).

#Comment by Aaron Schulz (talk | contribs) 21:36, 4 August 2011

Seems OK.

Status & tagging log

21:36, 4 August 2011 Aaron Schulz (talk | contribs) changed the status of r91022 [removed: new added: ok]