From 090ddbd12a29529a6a129e00a16e3e5e8f71e6ee Mon Sep 17 00:00:00 2001
From: Reedy <reedy@wikimedia.org>
Date: Tue, 28 Mar 2017 21:47:08 +0100
Subject: [PATCH 7/9] SECURITY: Don't write LocalisationCache to temporary
 directory

Bug: T161453
Change-Id: I51b375c63fcece908da921c465c861968c9eee1c
---
 RELEASE-NOTES-1.29                                |  4 ++++
 includes/cache/localisation/LocalisationCache.php | 14 ++++++--------
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/RELEASE-NOTES-1.29 b/RELEASE-NOTES-1.29
index 5af9d43..933bfd3 100644
--- a/RELEASE-NOTES-1.29
+++ b/RELEASE-NOTES-1.29
@@ -35,6 +35,8 @@ production.
 * (T156983) $wgRateLimitsExcludedIPs now accepts CIDR ranges as well as single IPs.
 * $wgDummyLanguageCodes is deprecated. Additional language code mappings may be
   added to $wgExtraLanguageCodes instead.
+* (T161453) LocalisationCache will no longer use the temporary directory in it's
+ fallback chain when trying to work out where to write the cache.
 
 === New features in 1.29 ===
 * (T137376) New language support: Atikamekw (atj)
@@ -95,6 +97,8 @@ production.
 * (T156184) SECURITY: Escape content model/format url parameter in message.
 * (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
   declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+  in it's fallback chain when trying to work out where to write the cache.
 
 === Action API changes in 1.29 ===
 * Submitting sensitive authentication request parameters to action=login,
diff --git a/includes/cache/localisation/LocalisationCache.php b/includes/cache/localisation/LocalisationCache.php
index cbff113..d499340 100644
--- a/includes/cache/localisation/LocalisationCache.php
+++ b/includes/cache/localisation/LocalisationCache.php
@@ -212,19 +212,17 @@ class LocalisationCache {
 				case 'detect':
 					if ( !empty( $conf['storeDirectory'] ) ) {
 						$storeClass = 'LCStoreCDB';
+					} elseif ( $wgCacheDirectory ) {
+						$storeConf['directory'] = $wgCacheDirectory;
+						$storeClass = 'LCStoreCDB';
 					} else {
-						$cacheDir = $wgCacheDirectory ?: wfTempDir();
-						if ( $cacheDir ) {
-							$storeConf['directory'] = $cacheDir;
-							$storeClass = 'LCStoreCDB';
-						} else {
-							$storeClass = 'LCStoreDB';
-						}
+						$storeClass = 'LCStoreDB';
 					}
 					break;
 				default:
 					throw new MWException(
-						'Please set $wgLocalisationCacheConf[\'store\'] to something sensible.' );
+						'Please set $wgLocalisationCacheConf[\'store\'] to something sensible.'
+					);
 			}
 		}
 
-- 
2.9.3