Use shell restrictions to contain pygments

If enabled, apply the default restrictions and take away network access
from pygments.

Bug: T182468
Change-Id: I4e5a6e01a24229a3923642af8de880dbf9167562
Kunal Mehta 2017-12-08 13:03:35 -08:00
parent 15b894bdbc
commit dc4e684056
3 changed files with 7 additions and 2 deletions


@ -294,6 +294,7 @@ class SyntaxHighlight {
'-O', implode( ',', $optionPairs )
)
->input( $code )
->restrict( Shell::RESTRICT_DEFAULT | Shell::NO_NETWORK )
->execute();
if ( $result->getExitCode() != 0 ) {
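Review bot: Nothing at the `->restrict( Shell::RESTRICT_DEFAULT | Shell::NO_NETWORK )` call tells the reader that the sandbox is conditional. The commit message says the restrictions apply only "if enabled", so on an installation without a shell restriction method configured (presumably via `$wgShellRestrictionMethod`) this line likely changes nothing and pygmentize runs unconfined as before. `$code` goes straight into `->input()` and appears to be page-supplied text, so I would add a comment at the call such as `// Best effort: only enforced when shell restrictions are enabled; pygmentize still parses untrusted input.` The enclosing method starts and ends outside the hunk, so any existing limits or input-size checks around this call are not visible here and should be kept.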


@ -44,7 +44,9 @@ class UpdateCSS extends Maintenance {
'-f', 'html',
'-S', 'default',
'-a', '.' . SyntaxHighlight::HIGHLIGHT_CSS_CLASS
)->execute();
)
->restrict( Shell::RESTRICT_DEFAULT | Shell::NO_NETWORK )
->execute();
if ( $result->getExitCode() != 0 ) {
throw new \RuntimeException( $result->getStderr() );
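Review bot: The restriction mask `Shell::RESTRICT_DEFAULT | Shell::NO_NETWORK` is spelled out separately here, in the SyntaxHighlight hunk and in the UpdateLexerList hunk. A later tightening, or an accidental omission, at one pygmentize call site will therefore not reach the others. Both maintenance scripts already reference `SyntaxHighlight::`, so one definition there would keep them in step, for example `const PYGMENTS_RESTRICTIONS = Shell::RESTRICT_DEFAULT | Shell::NO_NETWORK;` used as `->restrict( SyntaxHighlight::PYGMENTS_RESTRICTIONS )`. The constant name is only a suggestion. The enclosing method continues outside the hunk.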


@ -46,7 +46,9 @@ class UpdateLexerList extends Maintenance {
$result = Shell::command(
SyntaxHighlight::getPygmentizePath(),
'-L', 'lexer'
)->execute();
)
->restrict( Shell::RESTRICT_DEFAULT | Shell::NO_NETWORK )
->execute();
if ( $result->getExitCode() != 0 ) {
throw new \RuntimeException( $result->getStderr() );