X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=maintenance%2Fupdate.php;h=d5c11b5ded661cfadc70702a624ea8773d650107;hp=d96cecd6be3c0bb9cdc4ea26287c254922f474a6;hb=5b205725842edbae6ccde5a13baf20c2eb3ec4ae;hpb=4feb2bd8d6deaee787f11ae8be41c0393934f636

diff --git a/maintenance/update.php b/maintenance/update.php
index d96cecd6be..d5c11b5ded 100755
--- a/maintenance/update.php
+++ b/maintenance/update.php
@@ -27,6 +27,8 @@
 
 require_once __DIR__ . '/Maintenance.php';
 
+use Wikimedia\Rdbms\IMaintainableDatabase;
+
 /**
  * Maintenance script to run database schema updates.
  *
@@ -126,7 +128,7 @@ class UpdateMediaWiki extends Maintenance {
 			$this->compatChecks();
 		} else {
 			$this->output( "Skipping compatibility checks, proceed at your own risk (Ctrl+C to abort)\n" );
-			wfCountDown( 5 );
+			$this->countDown( 5 );
 		}
 
 		// Check external dependencies are up to date
@@ -143,9 +145,19 @@ class UpdateMediaWiki extends Maintenance {
 		# This will vomit up an error if there are permissions problems
 		$db = $this->getDB( DB_MASTER );
 
+		# Check to see whether the database server meets the minimum requirements
+		/** @var DatabaseInstaller $dbInstallerClass */
+		$dbInstallerClass = Installer::getDBInstallerClass( $db->getType() );
+		$status = $dbInstallerClass::meetsMinimumRequirement( $db->getServerVersion() );
+		if ( !$status->isOK() ) {
+			// This might output some wikitext like <strong> but it should be comprehensible
+			$text = $status->getWikiText();
+			$this->error( $text, 1 );
+		}
+
 		$this->output( "Going to run database updates for " . wfWikiID() . "\n" );
 		if ( $db->getType() === 'sqlite' ) {
-			/** @var Database|DatabaseSqlite $db */
+			/** @var IMaintainableDatabase|DatabaseSqlite $db */
 			$this->output( "Using SQLite file: '{$db->getDbFilePath()}'\n" );
 		}
 		$this->output( "Depending on the size of your database this may take a while!\n" );
@@ -153,11 +165,29 @@ class UpdateMediaWiki extends Maintenance {
 		if ( !$this->hasOption( 'quick' ) ) {
 			$this->output( "Abort with control-c in the next five seconds "
 				. "(skip this countdown with --quick) ... " );
-			wfCountDown( 5 );
+			$this->countDown( 5 );
 		}
 
 		$time1 = microtime( true );
 
+		$badPhpUnit = dirname( __DIR__ ) . '/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php';
+		if ( file_exists( $badPhpUnit ) ) {
+			// Bad versions of the file are:
+			// https://raw.githubusercontent.com/sebastianbergmann/phpunit/c820f91/src/Util/PHP/eval-stdin.php
+			// https://raw.githubusercontent.com/sebastianbergmann/phpunit/3aaddb1/src/Util/PHP/eval-stdin.php
+			$md5 = md5_file( $badPhpUnit );
+			if ( $md5 === '120ac49800671dc383b6f3709c25c099'
+				|| $md5 === '28af792cb38fc9a1b236b91c1aad2876'
+			) {
+				$success = unlink( $badPhpUnit );
+				if ( $success ) {
+					$this->output( "Removed PHPUnit eval-stdin.php to protect against CVE-2017-9841\n" );
+				} else {
+					$this->error( "Unable to remove $badPhpUnit, you should manually. See CVE-2017-9841" );
+				}
+			}
+		}
+
 		$shared = $this->hasOption( 'doshared' );
 
 		$updates = [ 'core', 'extensions' ];