MediaWiki r110871 - Code Review

Repository:	MediaWiki
Revision:	< r110870‎ \| r110871 (on ViewVC)‎ \| r110872 >
Date:	20:47, 7 February 2012
Author:	hashar
Status:	resolved (Comments)
Tags:
Comment:	simplify FileCacheBase::fetchText Implements a proposal by Tim on r98405 CR
Modified paths:	/trunk/phase3/includes/cache/FileCacheBase.php (modified) (history) (diff)

Diff [purge]

Index: trunk/phase3/includes/cache/FileCacheBase.php
—	—	@@ -116,12 +116,9 @@
117	117	* @return string
118	118	*/
119	119	public function fetchText() {
120		~~- if ( $this->useGzip() ) {~~
121		~~- /* Why is there no gzfile_get_contents() or gzdecode()? */~~
122		~~- return implode( '', gzfile( $this->cachePath() ) );~~
123		~~- } else {~~
124		~~- return file_get_contents( $this->cachePath() );~~
125		~~- }~~
	120	+ // gzopen can transparently read from gziped or plain text
	121	+ $fh = gzopen( $this->cachePath(), 'r' );
	122	+ return stream_get_contents( $fh );
126	123	}
127	124
128	125	/**
—	—	@@ -141,6 +138,7 @@
142	139
143	140	$this->checkCacheDirs(); // build parent dir
144	141	if ( !file_put_contents( $this->cachePath(), $text, LOCK_EX ) ) {
	142	+ wfDebug( __METHOD__ . "() failed saving ". $this->cachePath() . "\n");
145	143	$this->mCached = null;
146	144	return false;
147	145	}

Follow-up revisions

Rev.	Commit summary	Author	Date
r110916	make gzopen() portable by using binary flag...	hashar	07:03, 8 February 2012
r111324	Fix some injection from r110871	hashar	19:51, 12 February 2012

Past revisions this follows-up on

Rev.	Commit summary	Author	Date
r98405	HTMLFileCache refactoring:...	aaron	08:18, 29 September 2011

Comments

#Comment by Aaron Schulz (Talk | contribs) 21:26, 7 February 2012

Can you add the 'b' flag to gzopen() for good measure? ("$fh = gzopen( $this->cachePath(), 'rb' );")

#Comment by Hashar (Talk | contribs) 07:03, 8 February 2012

binary flag added with r110916.

#Comment by Tim Starling (Talk | contribs) 01:55, 10 February 2012

Calling gzopen() on a plain text file seems rather scary to me, since with the resource loader, the user-supplied input can start from the first character, and there's no obvious reason why a malicious user couldn't supply a string starting with the GZIP magic signature.

#Comment by Hashar (Talk | contribs) 19:51, 12 February 2012

I have put back the file_get_contents() with r111324

Status & tagging log

19:55, 12 February 2012 Aaron Schulz (Talk | contribs) changed the tags for r110871 [removed: filebackend]
19:55, 12 February 2012 Aaron Schulz (Talk | contribs) changed the status of r110871 [removed: new added: resolved]
19:51, 12 February 2012 Hashar (Talk | contribs) changed the status of r110871 [removed: fixme added: new]
01:55, 10 February 2012 Tim Starling (Talk | contribs) changed the status of r110871 [removed: ok added: fixme]
01:51, 8 February 2012 Tim Starling (Talk | contribs) changed the status of r110871 [removed: new added: ok]
23:00, 7 February 2012 MarkAHershberger (Talk | contribs) changed the tags for r110871 [added: filebackend]

MediaWiki r110871 - Code Review

Diff [purge]

Follow-up revisions

Past revisions this follows-up on

Comments

Status & tagging log

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Support

Download

Development

Communication

Toolbox