From a87c63b8586cd9cb57cc6168ff2e1ba3458db92d Mon Sep 17 00:00:00 2001
From: Reedy <reedy@wikimedia.org>
Date: Tue, 28 Mar 2017 21:47:08 +0100
Subject: [PATCH 07/10] SECURITY: Don't write LocalisationCache to temporary
 directory

Bug: T161453
Change-Id: I51b375c63fcece908da921c465c861968c9eee1c
---
 RELEASE-NOTES-1.27                                |  2 ++
 includes/cache/localisation/LocalisationCache.php | 14 ++++++--------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/RELEASE-NOTES-1.27 b/RELEASE-NOTES-1.27
index 94efaa1..ff34d4d 100644
--- a/RELEASE-NOTES-1.27
+++ b/RELEASE-NOTES-1.27
@@ -34,6 +34,8 @@ was released.
 * (T156184) SECURITY: Escape content model/format url parameter in message.
 * (T151735) SECURITY: SVG filter evasion using default attribute values in DTD
   declaration.
+* (T161453) SECURITY: LocalisationCache will no longer use the temporary directory
+  in it's fallback chain when trying to work out where to write the cache.
 
 == MediaWiki 1.27.1 ==
 
diff --git a/includes/cache/localisation/LocalisationCache.php b/includes/cache/localisation/LocalisationCache.php
index dd7d81a..dcf2736 100644
--- a/includes/cache/localisation/LocalisationCache.php
+++ b/includes/cache/localisation/LocalisationCache.php
@@ -210,19 +210,17 @@ class LocalisationCache {
 				case 'detect':
 					if ( !empty( $conf['storeDirectory'] ) ) {
 						$storeClass = 'LCStoreCDB';
+					} elseif ( $wgCacheDirectory ) {
+						$storeConf['directory'] = $wgCacheDirectory;
+						$storeClass = 'LCStoreCDB';
 					} else {
-						$cacheDir = $wgCacheDirectory ?: wfTempDir();
-						if ( $cacheDir ) {
-							$storeConf['directory'] = $cacheDir;
-							$storeClass = 'LCStoreCDB';
-						} else {
-							$storeClass = 'LCStoreDB';
-						}
+						$storeClass = 'LCStoreDB';
 					}
 					break;
 				default:
 					throw new MWException(
-						'Please set $wgLocalisationCacheConf[\'store\'] to something sensible.' );
+						'Please set $wgLocalisationCacheConf[\'store\'] to something sensible.'
+					);
 			}
 		}
 
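Review bot: The `detect` branch now ends in `LCStoreDB` when neither `$conf['storeDirectory']` nor `$wgCacheDirectory` is set, but nothing in the code records why `wfTempDir()` was dropped, so a later cleanup could reintroduce it. I would add a comment above the new `elseif`, for example `// No wfTempDir() fallback on purpose (T161453): never write the cache to a shared temporary directory.` The branch still accepts whatever path the operator configured, so a `storeDirectory` or `$wgCacheDirectory` that points into a shared temporary location is presumably exposed in the same way. That is better stated in the documentation for those settings than checked here. The enclosing switch and function begin and end outside this hunk.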
-- 
2.9.3

