[MediaWiki-commits] [Gerrit] mediawiki...Echo[master]: ContainmentSet: Use strict comparison for array_search()

Sun, 15 Oct 2017 13:32:38 -0700 

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/384299 )

Change subject: ContainmentSet: Use strict comparison for array_search()
......................................................................


ContainmentSet: Use strict comparison for array_search()

Otherwise, if $list->getValues() contains the number 0,
any non-numerical string will match, because 'foo'==0 is true.

This, in combination with a broken maintenance script that had
inserted 0s into some users' blacklist, broke all notifications
for those users.

Bug: T177825
Change-Id: If8700b4d0de0fdba876eb9d5cc4997e185dfeb3c
---
M includes/ContainmentSet.php
M tests/phpunit/ContainmentSetTest.php
2 files changed, 5 insertions(+), 1 deletion(-)

Approvals:
  jenkins-bot: Verified
  Jforrester: Looks good to me, approved



diff --git a/includes/ContainmentSet.php b/includes/ContainmentSet.php
index d5cfff5..0803da0 100644
--- a/includes/ContainmentSet.php
+++ b/includes/ContainmentSet.php
@@ -111,7 +111,8 @@
         */
        public function contains( $value ) {
                foreach ( $this->lists as $list ) {
-                       if ( array_search( $value, $list->getValues() ) !== 
false ) {
+                       // Use strict comparison to prevent the number 0 from 
matching all strings (T177825)
+                       if ( array_search( $value, $list->getValues(), true ) 
!== false ) {
                                return true;
                        }
                }
diff --git a/tests/phpunit/ContainmentSetTest.php 
b/tests/phpunit/ContainmentSetTest.php
index 077e235..5971c81 100644
--- a/tests/phpunit/ContainmentSetTest.php
+++ b/tests/phpunit/ContainmentSetTest.php
@@ -15,6 +15,9 @@
 
                $list->addArray( [ 'whammo' ] );
                $this->assertTrue( $list->contains( 'whammo' ) );
+
+               $list->addArray( [ 0 ] );
+               $this->assertFalse( $list->contains( 'baz' ) );
        }
 
        public function testCachedListInnerListIsOnlyCalledOnce() {

-- 
To view, visit https://gerrit.wikimedia.org/r/384299
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: If8700b4d0de0fdba876eb9d5cc4997e185dfeb3c
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/Echo
Gerrit-Branch: master
Gerrit-Owner: Catrope <r...@wikimedia.org>
Gerrit-Reviewer: Dbarratt <dbarr...@wikimedia.org>
Gerrit-Reviewer: Jforrester <jforres...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to