summaryrefslogtreecommitdiff
path: root/includes/GlobalFunctions.php
diff options
context:
space:
mode:
authorLuke Shumaker <lukeshu@sbcglobal.net>2016-08-02 16:31:15 -0400
committerLuke Shumaker <lukeshu@sbcglobal.net>2016-08-02 16:31:15 -0400
commit7099c40bcc035e3b96ddd3e976d1cdbcfbf09398 (patch)
tree2fbc86f9c4cba01c0a266b7fefdd38b1ec3b5c01 /includes/GlobalFunctions.php
parenta5f917bbc55e295896b8084f6657eb8b6abaf8a8 (diff)
parentb5e7f46db0fcb6f251206eaf36339ad3ad589f8b (diff)
Merge branch 'archwiki' into lukeshu/masterHEADproductionmaster
Diffstat (limited to 'includes/GlobalFunctions.php')
-rw-r--r--includes/GlobalFunctions.php8
1 files changed, 8 insertions, 0 deletions
diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php
index 64aa87ec..c4d5b5bc 100644
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@@ -2812,6 +2812,14 @@ function wfShellExec( $cmd, &$retval = null, $environ = array(),
}
wfDebug( "wfShellExec: $cmd\n" );
+ // Don't try to execute commands that exceed Linux's MAX_ARG_STRLEN.
+ // Other platforms may be more accomodating, but we don't want to be
+ // accomodating, because very long commands probably include user
+ // input. See T129506.
+ if ( strlen( $cmd ) > SHELL_MAX_ARG_STRLEN ) {
+ throw new Exception( __METHOD__ . '(): total length of $cmd must not exceed SHELL_MAX_ARG_STRLEN' );
+ }
+
$desc = array(
0 => array( 'file', 'php://stdin', 'r' ),
1 => array( 'pipe', 'w' ),