From b4c45d3597793e728cad88e58fb67ffbab07d98c Mon Sep 17 00:00:00 2001
From: Brian Wolff
Date: Thu, 15 Feb 2018 13:07:29 +0000
Subject: [PATCH] Fix phan-taint-check false positive

This was causing by echo'ing a value from the database. Since this script does not use the standard Maintenance class, phan-taint-check was unable to determine it was a command line script and thought this was an XSS. Casting to int caused phan-taint-check to know that the value was safe, and thus prevents the false positive warning.

Change-Id: Ib786fd591ed50f9b3934efa0c3f06e4c307a81f5
---
 maintenance/cleanup.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/maintenance/cleanup.php b/maintenance/cleanup.php
index 49eb0381..7b8a44c1 100644
--- maintenance/cleanup.php
+++ b/maintenance/cleanup.php
@@ -95,7 +95,7 @@ if ( !$regexes ) {
 }
 $dbr = wfGetDB( DB_REPLICA );
-$maxID = $dbr->selectField( 'page', 'MAX(page_id)' );
+$maxID = (int)$dbr->selectField( 'page', 'MAX(page_id)' );
 $reportingInterval = 100;
 print "Regexes are " . implode( ', ', array_map( 'count', $regexes ) ) . " bytes\n";
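Review bot: The `(int)` cast on the `$maxID` assignment carries no comment explaining why it is there, so a later cleanup could remove it as redundant and bring the taint-check warning back. I would add `// Cast to int: page_id is numeric, and the cast lets phan-taint-check see the value as safe where it is printed.` directly above the line. The cast also turns a `false` or `NULL` result from `selectField()` (for example on an empty `page` table) into `0`. The code that consumes `$maxID` lies outside this hunk, so it is worth confirming that a zero upper bound behaves as intended there.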