authorPierre Schmitz <pierre@archlinux.de>2016-05-21 08:33:14 +0200
committerPierre Schmitz <pierre@archlinux.de>2016-05-21 08:33:14 +0200
commit7bf2eb8ba09b54cec804446ea39a3e658773fac9 (patch)
tree12fa50d1d49fe0c7f9b5cff08aa88d93f5d4146f /includes/GlobalFunctions.php
parentc96958a50a97382ef4ada897d1e7120d7a222a28 (diff)
Update to MediaWiki 1.26.3
Diffstat (limited to 'includes/GlobalFunctions.php')
-rw-r--r--includes/GlobalFunctions.php8
1 files changed, 8 insertions, 0 deletions
diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php
index 64aa87ec..c4d5b5bc 100644
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@@ -2812,6 +2812,14 @@ function wfShellExec( $cmd, &$retval = null, $environ = array(),
}
wfDebug( "wfShellExec: $cmd\n" );
+ // Don't try to execute commands that exceed Linux's MAX_ARG_STRLEN.
+ // Other platforms may be more accomodating, but we don't want to be
+ // accomodating, because very long commands probably include user
+ // input. See T129506.
+ if ( strlen( $cmd ) > SHELL_MAX_ARG_STRLEN ) {
+ throw new Exception( __METHOD__ . '(): total length of $cmd must not exceed SHELL_MAX_ARG_STRLEN' );
+ }
+
$desc = array(
0 => array( 'file', 'php://stdin', 'r' ),
1 => array( 'pipe', 'w' ),
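Review bot: The new length guard sits after `wfDebug( "wfShellExec: $cmd\n" );`, so a command that is about to be rejected as oversized, and which the added comment says probably carries user input, is still written in full to the debug log. Moving the `if ( strlen( $cmd ) > SHELL_MAX_ARG_STRLEN ) { ... }` block above the wfDebug call would reject it before anything is logged. The guard bounds size only, so it is a backstop and callers still have to escape every argument they interpolate into `$cmd`. It also makes wfShellExec throw a bare `Exception`, which callers that only inspect `$retval` may not expect, so the function's docblock should gain `@throws Exception if $cmd is longer than SHELL_MAX_ARG_STRLEN`. The function body starts and ends outside this hunk, so any earlier wrapping of `$cmd` that adds to its length is not visible here.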