Merge branch 'master' of https://git.archlinux.org/vhosts/wiki.archlinux.org

author: root <root@luna.archlinux.org> 2016-05-21 06:38:45 +0000
committer: root <root@luna.archlinux.org> 2016-05-21 06:38:45 +0000
commit: b88e92b7f0ce508c55de8c6ac5159ef544d480be (patch)
tree: 86b188507543d2670b7ada1caa8f1139d3d5abe9 /includes/GlobalFunctions.php
parent: a2bbd243c85ea0e425ee3e8c380aba9f254cee61 (diff)
parent: 7bf2eb8ba09b54cec804446ea39a3e658773fac9 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php
index 64aa87ec..c4d5b5bc 100644
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@@ -2812,6 +2812,14 @@ function wfShellExec( $cmd, &$retval = null, $environ = array(),
 	}
 	wfDebug( "wfShellExec: $cmd\n" );
 
+	// Don't try to execute commands that exceed Linux's MAX_ARG_STRLEN.
+	// Other platforms may be more accomodating, but we don't want to be
+	// accomodating, because very long commands probably include user
+	// input. See T129506.
+	if ( strlen( $cmd ) > SHELL_MAX_ARG_STRLEN ) {
+		throw new Exception( __METHOD__ . '(): total length of $cmd must not exceed SHELL_MAX_ARG_STRLEN' );
+	}
+
 	$desc = array(
 		0 => array( 'file', 'php://stdin', 'r' ),
 		1 => array( 'pipe', 'w' ),
author	root <root@luna.archlinux.org>	2016-05-21 06:38:45 +0000
committer	root <root@luna.archlinux.org>	2016-05-21 06:38:45 +0000
commit	b88e92b7f0ce508c55de8c6ac5159ef544d480be (patch)
tree	86b188507543d2670b7ada1caa8f1139d3d5abe9 /includes/GlobalFunctions.php
parent	a2bbd243c85ea0e425ee3e8c380aba9f254cee61 (diff)
parent	7bf2eb8ba09b54cec804446ea39a3e658773fac9 (diff)