jenkins-bot has submitted this change and it was merged.

Change subject: SECURITY: quote booleans as string (not integer) in DatabaseMysqlBase
......................................................................
SECURITY: quote booleans as string (not integer) in DatabaseMysqlBase Comparing a string column to 0 will produce spurious matches, and it is easy to get a false value in unexpected places. Comparing an int column to '0' does not seem to cause any problems. Bug: T147537 Change-Id: I5ad547de509b3417b5937be6bdda9befb8aed8b6 --- M includes/libs/rdbms/database/DatabaseMysqlBase.php 1 file changed, 10 insertions(+), 0 deletions(-) Approvals: Reedy: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/libs/rdbms/database/DatabaseMysqlBase.php b/includes/libs/rdbms/database/DatabaseMysqlBase.php index d654429..b1c18b6 100644 --- a/includes/libs/rdbms/database/DatabaseMysqlBase.php +++ b/includes/libs/rdbms/database/DatabaseMysqlBase.php @@ -608,6 +608,16 @@ */ abstract protected function mysqlRealEscapeString( $s ); + public function addQuotes( $s ) { + if ( is_bool( $s ) ) { + // Parent would transform to int, which does not play nice with MySQL type juggling. + // When searching for an int in a string column, the strings are cast to int, which + // means false would match any string not starting with a number. + $s = (string)(int)$s; + } + return parent::addQuotes( $s ); + } + /** * MySQL uses `backticks` for identifier quoting instead of the sql standard "double quotes". * -- To view, visit https://gerrit.wikimedia.org/r/315279 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I5ad547de509b3417b5937be6bdda9befb8aed8b6 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Anomie <bjor...@wikimedia.org> Gerrit-Reviewer: Reedy <re...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
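Review bot: The new addQuotes() override in DatabaseMysqlBase.php guards only on is_bool( $s ), and the change ships without a test (the diffstat shows 1 file changed, 10 insertions). The commit message describes the underlying hazard as comparing a string column to 0, so a PHP integer 0 that reaches parent::addQuotes() is outside this check. It would help to state in a docblock on the override that only booleans are converted here and why integers are left to the parent. Since this is a security fix, please add a regression test asserting that addQuotes( false ) and addQuotes( true ) produce the quoted strings '0' and '1' rather than bare integers, so a later refactor of the parent cannot silently reintroduce the type-juggling match. The override also has no doc comment of its own; a short docblock with an @param and @return, or an inherit marker, would keep it consistent with the documented methods around it.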