[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Max Semenik maxsem.w...@gmail.com changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Comment #8 from Max Semenik maxsem.w...@gmail.com 2011-02-23 12:35:56 UTC --- Meh, committed in r82660. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 --- Comment #4 from Max Semenik maxsem.w...@gmail.com 2011-01-26 18:14:52 UTC --- As the matter of fact, we're already attempting to make the path absolute, but since we call realpath() before attempting to create the directory, it may fail. Here's my fix for it, I can't currently commit it myself. Index: SqliteInstaller.php === --- SqliteInstaller.php(revision 77580) +++ SqliteInstaller.php(working copy) @@ -45,16 +45,30 @@ $this-getTextBox( 'wgDBname', 'config-db-name', array(), $this-parent-getHelpBox( 'config-sqlite-name-help' ) ); } +/* + * Safe wrapper for PHP's realpath() that fails gracefully if it's unable to canonicalize the path. + */ +private static function realpath( $path ) { +$result = realpath( $path ); +if ( !$result ) { +return $path; +} +return $result; +} + public function submitConnectForm() { $this-setVarsFromRequest( array( 'wgSQLiteDataDir', 'wgDBname' ) ); -$dir = realpath( $this-getVar( 'wgSQLiteDataDir' ) ); -if ( !$dir ) { -// realpath() sometimes fails, especially on Windows -$dir = $this-getVar( 'wgSQLiteDataDir' ); +# Try realpath() if the directory already exists +$dir = self::realpath( $this-getVar( 'wgSQLiteDataDir' ) ); +$result = self::dataDirOKmaybeCreate( $dir, true /* create? */ ); +if ( $result-isOK() ) +{ +# Try expanding again in case we've just created it +$dir = self::realpath( $dir ); +$this-setVar( 'wgSQLiteDataDir', $dir ); } -$this-setVar( 'wgSQLiteDataDir', $dir ); -return self::dataDirOKmaybeCreate( $dir, true /* create? */ ); +return $result; } private static function dataDirOKmaybeCreate( $dir, $create = false ) { -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 --- Comment #5 from Brion Vibber br...@pobox.com 2011-01-26 18:55:33 UTC --- If the path can't be canonicalized, that sounds.. bad. What sort of failure are you referring to exactly, and why is it failing? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 --- Comment #6 from Max Semenik maxsem.w...@gmail.com 2011-01-26 19:03:47 UTC --- From PHP docs: realpath() returns FALSE on failure, e.g. if the file does not exist. I also observed it failing on Windows with paths containing spaces. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 --- Comment #7 from Brion Vibber br...@pobox.com 2011-01-26 19:04:51 UTC --- We just figured out the not-existing-yet one on IRC. :D I'll take a quick peek at the Windows case. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Chad H. innocentkil...@gmail.com changed: What|Removed |Added CC||maxsem.w...@gmail.com --- Comment #3 from Chad H. innocentkil...@gmail.com 2011-01-25 21:13:00 UTC --- Max, would you mind looking at this? I know we already expose the directory path in the new installer (the mode setting was useless and removed awhile ago) -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Lisa Ridley lhrid...@gmail.com changed: What|Removed |Added CC||lhrid...@gmail.com -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are watching all bug changes. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Max Semenik maxsem.w...@gmail.com changed: What|Removed |Added Depends on||22010 -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Max Semenik maxsem.w...@gmail.com changed: What|Removed |Added Depends on|22010 | -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Max Semenik maxsem.w...@gmail.com changed: What|Removed |Added Blocks||20257 -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 Chad H. innocentkil...@gmail.com changed: What|Removed |Added CC||innocentkil...@gmail.com --- Comment #1 from Chad H. innocentkil...@gmail.com 2009-08-14 16:59:18 UTC --- Cf http://www.mediawiki.org/wiki/Manual:$wgSQLiteDataDir -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 20244] Installer does not validate SQLite database directory for stable path
https://bugzilla.wikimedia.org/show_bug.cgi?id=20244 --- Comment #2 from Brion Vibber br...@wikimedia.org 2009-08-14 17:01:35 UTC --- Listing the default in the installer might be good too. :) And we might need/want to expose wgSQLiteDataDirMode or set it more appropriately... -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l