diff options
author | Pierre Schmitz <pierre@archlinux.de> | 2016-05-21 08:33:14 +0200 |
---|---|---|
committer | Pierre Schmitz <pierre@archlinux.de> | 2016-05-21 08:33:14 +0200 |
commit | 7bf2eb8ba09b54cec804446ea39a3e658773fac9 (patch) | |
tree | 12fa50d1d49fe0c7f9b5cff08aa88d93f5d4146f /includes/GlobalFunctions.php | |
parent | c96958a50a97382ef4ada897d1e7120d7a222a28 (diff) |
Update to MediaWiki 1.26.3
Diffstat (limited to 'includes/GlobalFunctions.php')
-rw-r--r-- | includes/GlobalFunctions.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index 64aa87ec..c4d5b5bc 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -2812,6 +2812,14 @@ function wfShellExec( $cmd, &$retval = null, $environ = array(), } wfDebug( "wfShellExec: $cmd\n" ); + // Don't try to execute commands that exceed Linux's MAX_ARG_STRLEN. + // Other platforms may be more accomodating, but we don't want to be + // accomodating, because very long commands probably include user + // input. See T129506. + if ( strlen( $cmd ) > SHELL_MAX_ARG_STRLEN ) { + throw new Exception( __METHOD__ . '(): total length of $cmd must not exceed SHELL_MAX_ARG_STRLEN' ); + } + $desc = array( 0 => array( 'file', 'php://stdin', 'r' ), 1 => array( 'pipe', 'w' ), |