From 126bd6042e5ab4c2cfce099bb89814c767d4d00e Mon Sep 17 00:00:00 2001
From: Lucas Werkmeister <lucas.werkmeister@wikimedia.de>
Date: Mon, 23 May 2022 12:19:44 +0200
Subject: [PATCH] SECURITY: Validate lemma length in Special:NewLexeme(Alpha)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

(Note: the SECURITY is meant to mark this as a patch that is initially
deployed to Wikimedia production via the security deployment process,
but the actual security impact is minimal. We just didn’t want the bug
to be abused before it was fixed, hence the non-public deployment.)

The special pages to create a new Lexeme were previously not validating
the length of the lemma. Add this validation, using a very simple
hard-coded validator for now. In parallel, the length limit is being
refactored elsewhere (change I0c945d3ad1); once that change is merged
and this one is made public, we should refactor SpecialNewLexeme(Alpha)
to use that constant instead of hard-coding it, and probably also use a
ValidatorErrorLocalizer as in change I8171bfef73.

Bug: T308659
Change-Id: Id89a9b08e40f075d2d422cafd03668dff3ce7fc9
---
 src/MediaWiki/Specials/SpecialNewLexeme.php            | 10 +++++++++-
 src/MediaWiki/Specials/SpecialNewLexemeAlpha.php       | 10 +++++++++-
 .../mediawiki/Specials/SpecialNewLexemeAlphaTest.php   |  9 +++++++++
 .../mediawiki/Specials/SpecialNewLexemeTest.php        |  9 +++++++++
 4 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/src/MediaWiki/Specials/SpecialNewLexeme.php b/src/MediaWiki/Specials/SpecialNewLexeme.php
index a3fb3c0418..60875b9797 100644
--- a/src/MediaWiki/Specials/SpecialNewLexeme.php
+++ b/src/MediaWiki/Specials/SpecialNewLexeme.php
@@ -210,7 +210,15 @@ private function getFormFields(): array {
 				'id' => 'wb-newlexeme-lemma',
 				'required' => true,
 				'placeholder-message' => 'wikibaselexeme-lemma-edit-placeholder',
-				'label-message' => 'wikibaselexeme-newlexeme-lemma'
+				'label-message' => 'wikibaselexeme-newlexeme-lemma',
+				'validation-callback' => function ( string $lemma ) {
+					// TODO use LemmaTermValidator with ValidatorErrorLocalizer instead
+					if ( mb_strlen( $lemma ) > 1000 ) {
+						return $this->msg( 'wikibase-validator-too-long' )
+							->numParams( 1000 );
+					}
+					return true;
+				},
 			],
 			self::FIELD_LEMMA_LANGUAGE => [
 				'name' => self::FIELD_LEMMA_LANGUAGE,
diff --git a/src/MediaWiki/Specials/SpecialNewLexemeAlpha.php b/src/MediaWiki/Specials/SpecialNewLexemeAlpha.php
index 7a72c9c35e..569e11c640 100644
--- a/src/MediaWiki/Specials/SpecialNewLexemeAlpha.php
+++ b/src/MediaWiki/Specials/SpecialNewLexemeAlpha.php
@@ -539,7 +539,15 @@ private function getFormFields( array $exampleLexemeParams ): array {
 					'wikibaselexeme-newlexeme-lemma-placeholder-with-example',
 					Message::plaintextParam( $exampleLexemeParams['lemma_text'] ),
 				],
-				'label-message' => 'wikibaselexeme-newlexeme-lemma'
+				'label-message' => 'wikibaselexeme-newlexeme-lemma',
+				'validation-callback' => function ( string $lemma ) {
+					// TODO use LemmaTermValidator with ValidatorErrorLocalizer instead
+					if ( mb_strlen( $lemma ) > 1000 ) {
+						return $this->msg( 'wikibase-validator-too-long' )
+							->numParams( 1000 );
+					}
+					return true;
+				},
 			],
 			self::FIELD_LEMMA_LANGUAGE => [
 				'name' => self::FIELD_LEMMA_LANGUAGE,
diff --git a/tests/phpunit/mediawiki/Specials/SpecialNewLexemeAlphaTest.php b/tests/phpunit/mediawiki/Specials/SpecialNewLexemeAlphaTest.php
index f762151305..5e4b601ea4 100644
--- a/tests/phpunit/mediawiki/Specials/SpecialNewLexemeAlphaTest.php
+++ b/tests/phpunit/mediawiki/Specials/SpecialNewLexemeAlphaTest.php
@@ -509,6 +509,15 @@ public function provideInvalidEntityCreationRequests() {
 				],
 				'(htmlform-invalid-input)',
 			],
+			'lemma too long' => [
+				[
+					SpecialNewLexemeAlpha::FIELD_LEMMA_LANGUAGE => 'en',
+					SpecialNewLexemeAlpha::FIELD_LEMMA => str_repeat( 'a', 1000 + 1 ),
+					SpecialNewLexemeAlpha::FIELD_LEXICAL_CATEGORY => self::EXISTING_ITEM_ID,
+					SpecialNewLexemeAlpha::FIELD_LEXEME_LANGUAGE => self::EXISTING_ITEM_ID,
+				],
+				'(htmlform-invalid-input)',
+			],
 			'lexical category has wrong format' => [
 				[
 					SpecialNewLexemeAlpha::FIELD_LEMMA_LANGUAGE => 'en',
diff --git a/tests/phpunit/mediawiki/Specials/SpecialNewLexemeTest.php b/tests/phpunit/mediawiki/Specials/SpecialNewLexemeTest.php
index 08583ded04..420fb023fc 100644
--- a/tests/phpunit/mediawiki/Specials/SpecialNewLexemeTest.php
+++ b/tests/phpunit/mediawiki/Specials/SpecialNewLexemeTest.php
@@ -213,6 +213,15 @@ public function provideInvalidEntityCreationRequests() {
 				],
 				'(htmlform-invalid-input)',
 			],
+			'lemma too long' => [
+				[
+					SpecialNewLexeme::FIELD_LEMMA_LANGUAGE => 'en',
+					SpecialNewLexeme::FIELD_LEMMA => str_repeat( 'a', 1000 + 1 ),
+					SpecialNewLexeme::FIELD_LEXICAL_CATEGORY => self::EXISTING_ITEM_ID,
+					SpecialNewLexeme::FIELD_LEXEME_LANGUAGE => self::EXISTING_ITEM_ID,
+				],
+				'(htmlform-invalid-input)',
+			],
 			'lexical category has wrong format' => [
 				[
 					SpecialNewLexeme::FIELD_LEMMA_LANGUAGE => 'en',
-- 
2.34.1