From: Tim Starling Date: Mon, 6 May 2013 07:34:23 +0000 (+1000) Subject: Remove taint support X-Git-Tag: 1.31.0-rc.0~19728^2 X-Git-Url: https://git.heureux-cyclage.org/?a=commitdiff_plain;ds=sidebyside;h=196865004d87e3ad26c37426f49d6a770fe58e3d;p=lhc%2Fweb%2Fwiklou.git Remove taint support Venema's taint feature was apparently never publicised beyond the php-dev mailing list, and now there is a PECL taint extension which is incompatible with the interface assumed here. Grep confirms that wfArrayMap() is not used in any extensions. Change-Id: I17d8d302947443262474c608829c7c7504bef589 --- diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index 51c67a6315..5c45577ee6 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -93,26 +93,6 @@ if ( !function_exists( 'mb_strrpos' ) ) { return Fallback::mb_strrpos( $haystack, $needle, $offset, $encoding ); } } - -// Support for Wietse Venema's taint feature -if ( !function_exists( 'istainted' ) ) { - /** - * @codeCoverageIgnore - * @return int - */ - function istainted( $var ) { - return 0; - } - /** @codeCoverageIgnore */ - function taint( $var, $level = 0 ) {} - /** @codeCoverageIgnore */ - function untaint( $var, $level = 0 ) {} - define( 'TC_HTML', 1 ); - define( 'TC_SHELL', 1 ); - define( 'TC_MYSQL', 1 ); - define( 'TC_PCRE', 1 ); - define( 'TC_SELF', 1 ); -} /// @endcond /** @@ -276,24 +256,6 @@ function wfObjectToArray( $objOrArray, $recursive = true ) { return $array; } -/** - * Wrapper around array_map() which also taints variables - * - * @param $function Callback - * @param $input Array - * @return Array - */ -function wfArrayMap( $function, $input ) { - $ret = array_map( $function, $input ); - foreach ( $ret as $key => $value ) { - $taint = istainted( $input[$key] ); - if ( $taint ) { - taint( $ret[$key], $taint ); - } - } - return $ret; -} - /** * Get a random decimal value between 0 and 1, in a way * not likely to give duplicate values for any realistic diff --git a/includes/WebRequest.php b/includes/WebRequest.php index e85bf9cc70..20ee5e584d 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -347,7 +347,6 @@ class WebRequest { $data = $this->normalizeUnicode( $data ); return $data; } else { - taint( $default ); return $default; } } diff --git a/includes/db/Database.php b/includes/db/Database.php index 1cbffd8e28..f9d5407cd6 100644 --- a/includes/db/Database.php +++ b/includes/db/Database.php @@ -946,14 +946,6 @@ abstract class DatabaseBase implements DatabaseType { wfDebug( "Query {$this->mDBname} ($cnt) ($master): $sqlx\n" ); } - if ( istainted( $sql ) & TC_MYSQL ) { - if ( !Profiler::instance()->isStub() ) { - wfProfileOut( $queryProf ); - wfProfileOut( $totalProf ); - } - throw new MWException( 'Tainted query found' ); - } - $queryId = MWDebug::query( $sql, $fname, $isMaster ); # Do the query and handle errors diff --git a/includes/installer/Installer.php b/includes/installer/Installer.php index e35719d4c0..084f198d1c 100644 --- a/includes/installer/Installer.php +++ b/includes/installer/Installer.php @@ -1003,7 +1003,7 @@ abstract class Installer { return true; } - $lines = wfArrayMap( 'trim', explode( "\n", $lines ) ); + $lines = array_map( 'trim', explode( "\n", $lines ) ); $candidatesByLocale = array(); $candidatesByLang = array();