From 5cc19be268b545cbbcaa97f7a72f368caeb69b56 Mon Sep 17 00:00:00 2001
From: DannyS712
Date: Fri, 4 Jun 2021 23:24:25 -0700
Subject: [PATCH] SECURITY: Avoid database for MediaWiki:Abusefilter-blocker fallback

If the content language is English and the message is invalid as a username, or the content language is not English and both the content language version and the English version are invalid, the user in FilterUser would not be created - now, avoid the onwiki version of the English message in the fallback, so it could only be invalid if the default in the i18n files was invalid.

Bug: T284364
---
 includes/FilterUser.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/includes/FilterUser.php b/includes/FilterUser.php
index 031b770c..329544eb 100644
--- a/includes/FilterUser.php
+++ b/includes/FilterUser.php
@@ -51,7 +51,8 @@ class FilterUser {
 );
 // Use the default name to avoid breaking other stuff. This should have no harm,
 // aside from blocks temporarily attributed to another user.
- $defaultName = $this->messageLocalizer->msg( 'abusefilter-blocker' )->inLanguage( 'en' )->text();
+ // Don't use the database in case the English onwiki message is broken, T284364
+ $defaultName = $this->messageLocalizer->msg( 'abusefilter-blocker' )->inLanguage( 'en' )->useDatabase( false )->text();
 $user = User::newSystemUser( $defaultName, [ 'steal' => true ] );
 }
 '@phan-var User $user';
-- 
2.28.0.windows.1
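Review bot: After the fallback `User::newSystemUser( $defaultName, [ 'steal' => true ] )` call, the only thing asserting that `$user` is non-null is the `'@phan-var User $user';` annotation, which has no runtime effect. `User::newSystemUser()` returns null for an unusable name, so if the bundled English default were ever invalid, the null would still reach whatever follows. An explicit guard right after the fallback would make that failure loud, for example `if ( !$user ) { throw new UnexpectedValueException( 'abusefilter-blocker default is not a valid username' ); }`. The enclosing method starts and ends outside the hunk, so a later check may already exist. The diffstat touches only `includes/FilterUser.php`; a regression test that overrides the on-wiki message with an invalid name and asserts a usable filter user would pin the fix for T284364.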