Page MenuHomeMiraheze

Cargo: Error: unclosed string literal.
Closed, InvalidPublic

Description

In T6985#138392, @Lakelimbo informed us about an exception when visiting https://pokemundo.miraheze.org/wiki/Especial:CargoTables/Moves.

[f6d0183b5631733d162ccac7] /wiki/Especial:CargoTables/Moves   MWException from line 404 of /srv/mediawiki/w/extensions/Cargo/includes/CargoUtils.php: Error: unclosed string literal.
/srv/mediawiki/w/extensions/Cargo/includes/CargoSQLQuery.php:545, 
/srv/mediawiki/w/extensions/Cargo/includes/CargoSQLQuery.php:691, 
/srv/mediawiki/w/extensions/Cargo/includes/specials/CargoTables.php:185, 
/srv/mediawiki/w/includes/specialpage/SpecialPage.php:600, 
/srv/mediawiki/w/includes/specialpage/SpecialPageFactory.php:635, 
/srv/mediawiki/w/includes/MediaWiki.php:307, 
/srv/mediawiki/w/includes/MediaWiki.php:940, 
/srv/mediawiki/w/includes/MediaWiki.php:543, 
/srv/mediawiki/w/index.php:53, 
/srv/mediawiki/w/index.php:46

Event Timeline

Southparkfan triaged this task as Normal priority.Fri, Mar 19, 20:34
Southparkfan created this task.

Exception is generated at https://github.com/wikimedia/mediawiki-extensions-Cargo/blob/a619875ea82539bfbf525b8813036876e5cf39b4/includes/CargoUtils.php#L408
$string is string(11) "King's_Rock"
King's_Rock is a column in the cargo__Moves table:

stdClass Object
(
    [Field] => King's_Rock
    [Type] => tinyint(1)
    [Null] => YES
    [Key] => MUL
    [Default] =>
    [Extra] =>
)
21:46:14 <+SPF|Cloud> renaming the column to Kings_Rock or similar will fix the issue
21:48:18 <+SPF|Cloud> and https://mariadb.com/kb/en/identifier-names/#quoted says that the single quote (should have called them 'quotes' instead of 'apostrophes', I guess) is a valid character in a column name
21:49:18 <+SPF|Cloud> the extension is at fault here ;)

Sounds Upstream.

Agreed. There are multiple issues here:

  • Unclosed literals (with a single quote) are not a problem in column names, the check is too strict here
  • If the bug above won't be fixed, then the extension lacks basic input validation upon creating a table
TheNino renamed this task from Cargo: Error: unclosed string literal. to Extension:ShortDescription.Fri, Mar 19, 23:20
TheNino updated the task description. (Show Details)
Universal_Omega renamed this task from Extension:ShortDescription to Cargo: Error: unclosed string literal..Fri, Mar 19, 23:54
Universal_Omega updated the task description. (Show Details)

@TheNino: Please do not replace/repurpose other's tasks. Thank you!

If no objections, I'll go ahead and report this upstream and close this task, as I don't think there is really much we can do in the matter.

Reception123 claimed this task.
Reception123 added a project: Upstream.

Upstream task created: https://phabricator.wikimedia.org/T278181.

Closing the task on our side as there's nothing we can do except wait for upstream to fix it.

Universal_Omega changed the task status from Resolved to Invalid.Mon, Mar 22, 23:50

Upstream = invalid in the past