Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/HeaderTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/HeaderTest.php@@ -4,6 +4,7 @@ namespace PhpMyAdmin\Tests;+use PhpMyAdmin\Console; use PhpMyAdmin\Core; use PhpMyAdmin\Header; use ReflectionProperty;@@ -49,10 +50,7 @@ { $header = new Header(); $header->disable();- $this->assertEquals(- '',- $header->getDisplay()- );+ self::assertSame('', $header->getDisplay()); } /**@@ -62,10 +60,7 @@ { $GLOBALS['server'] = 0; $header = new Header();- $this->assertStringContainsString(- '<title>phpMyAdmin</title>',- $header->getDisplay()- );+ self::assertStringContainsString('<title>phpMyAdmin</title>', $header->getDisplay()); } /**@@ -75,10 +70,7 @@ { $header = new Header(); $header->setBodyId('PMA_header_id');- $this->assertStringContainsString(- 'PMA_header_id',- $header->getDisplay()- );+ self::assertStringContainsString('PMA_header_id', $header->getDisplay()); } /**@@ -87,10 +79,7 @@ public function testGetJsParams(): void { $header = new Header();- $this->assertArrayHasKey(- 'common_query',- $header->getJsParams()- );+ self::assertArrayHasKey('common_query', $header->getJsParams()); } /**@@ -99,10 +88,7 @@ public function testGetJsParamsCode(): void { $header = new Header();- $this->assertStringContainsString(- 'CommonParams.setAll',- $header->getJsParamsCode()- );+ self::assertStringContainsString('CommonParams.setAll', $header->getJsParamsCode()); } /**@@ -111,10 +97,7 @@ public function testGetMessage(): void { $header = new Header();- $this->assertStringContainsString(- 'phpmyadminmessage',- $header->getMessage()- );+ self::assertStringContainsString('phpmyadminmessage', $header->getMessage()); } /**@@ -128,7 +111,7 @@ $header = new Header(); $header->disableWarnings();- $this->assertFalse($reflection->getValue($header));+ self::assertFalse($reflection->getValue($header)); } /**@@ -161,7 +144,7 @@ $expected = [ 'X-Frame-Options' => $expectedFrameOptions,- 'Referrer-Policy' => 'no-referrer',+ 'Referrer-Policy' => 'same-origin', 'Content-Security-Policy' => $expectedCsp, 'X-Content-Security-Policy' => $expectedXCsp, 'X-WebKit-CSP' => $expectedWebKitCsp,@@ -180,10 +163,10 @@ } $headers = $this->callFunction($header, Header::class, 'getHttpHeaders', []);- $this->assertSame($expected, $headers);- }-- public function providerForTestGetHttpHeaders(): array+ self::assertSame($expected, $headers);+ }++ public static function providerForTestGetHttpHeaders(): array { return [ [@@ -245,4 +228,26 @@ ], ]; }++ public function testSetAjax(): void+ {+ $header = new Header();+ $consoleReflection = new ReflectionProperty(Header::class, 'console');+ $consoleReflection->setAccessible(true);+ $console = $consoleReflection->getValue($header);+ self::assertInstanceOf(Console::class, $console);+ $isAjax = new ReflectionProperty(Header::class, 'isAjax');+ $isAjax->setAccessible(true);+ $consoleIsAjax = new ReflectionProperty(Console::class, 'isAjax');+ $consoleIsAjax->setAccessible(true);++ self::assertFalse($isAjax->getValue($header));+ self::assertFalse($consoleIsAjax->getValue($console));+ $header->setAjax(true);+ self::assertTrue($isAjax->getValue($header));+ self::assertTrue($consoleIsAjax->getValue($console));+ $header->setAjax(false);+ self::assertFalse($isAjax->getValue($header));+ self::assertFalse($consoleIsAjax->getValue($console));+ } }
After analyzing the provided code diff, I've identified one security-related change: 1. Vulnerability Existed: yes Referrer-Policy Security Header Update [File] test/classes/HeaderTest.php [Lines] ~161 [Old Code] `'Referrer-Policy' => 'no-referrer',` [Fixed Code] `'Referrer-Policy' => 'same-origin',` Additional Notes: - The change from 'no-referrer' to 'same-origin' for the Referrer-Policy header is a security improvement. While 'no-referrer' is secure, 'same-origin' provides a better balance between security and functionality, allowing referrers within the same origin while still protecting against cross-origin information leaks. - The rest of the changes appear to be test improvements (changing assertEquals to assertSame) and adding new test cases, which don't represent security fixes. No other security vulnerabilities were identified in this diff. The main security-relevant change was the Referrer-Policy header update.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/js/src/database/events.js+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/js/src/database/events.js@@ -295,7 +295,7 @@ classes: { 'ui-dialog-titlebar-close': 'btn-close' },- width: 700,+ width: '70%', minWidth: 500, buttons: buttonOptions, // Issue #15810 - use button titles for modals (eg: new procedure)@@ -334,8 +334,7 @@ * the Definition textarea. */ var $elm = $('textarea[name=item_definition]').last();- var linterOptions = {};- linterOptions.eventEditor = true;+ var linterOptions = { editorType: 'event' }; that.syntaxHiglighter = Functions.getSqlEditor($elm, {}, 'both', linterOptions); } else { Functions.ajaxShowMessage(data.error, false);
Here's the analysis of the provided code diff:
1. Vulnerability Existed: not sure
[Potential XSS Vulnerability] [js/src/database/events.js] [Lines 295-334]
[Old Code: Various dialog and editor configurations]
[Fixed Code: Modified dialog width and editor options]
Additional Details:
- The changes appear to be primarily UI/UX improvements rather than direct security fixes
- The dialog width change from fixed pixels to percentage could be related to responsive design
- The editor options change from `eventEditor: true` to `editorType: 'event'` appears to be an API change
- No clear security vulnerability is being fixed in this diff, though the changes could be part of a larger security update
- The modification of SQL editor options might be related to input validation but isn't clearly a security fix
Note: Without more context about the broader changes in the release or the specific security issues being addressed, it's difficult to identify concrete vulnerabilities from this diff alone. The changes shown appear to be more about functionality and user interface than direct security fixes.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Controllers/Import/SimulateDmlController.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Controllers/Import/SimulateDmlController.php@@ -8,20 +8,36 @@ use PhpMyAdmin\Import\SimulateDml; use PhpMyAdmin\Message; use PhpMyAdmin\ResponseRenderer;+use PhpMyAdmin\SqlParser\Lexer; use PhpMyAdmin\SqlParser\Parser; use PhpMyAdmin\SqlParser\Statements\DeleteStatement; use PhpMyAdmin\SqlParser\Statements\UpdateStatement;+use PhpMyAdmin\SqlParser\Token;+use PhpMyAdmin\SqlParser\TokensList; use PhpMyAdmin\SqlParser\Utils\Query; use PhpMyAdmin\Template; use function __;+use function array_filter;+use function array_values; use function count;-use function explode; final class SimulateDmlController extends AbstractController { /** @var SimulateDml */ private $simulateDml;++ /** @var string */+ private $error = '';+ /**+ * @var list<array<mixed>>+ * @psalm-var list<array{+ * sql_query: string,+ * matched_rows: int,+ * matched_rows_url: string,+ * }>+ */+ private $data = []; public function __construct( ResponseRenderer $response,@@ -34,60 +50,56 @@ public function __invoke(): void {- $error = '';- $errorMsg = __('Only single-table UPDATE and DELETE queries can be simulated.'); /** @var string $sqlDelimiter */ $sqlDelimiter = $_POST['sql_delimiter'];- $sqlData = [];- /** @var string[] $queries */- $queries = explode($sqlDelimiter, $GLOBALS['sql_query']);- foreach ($queries as $sqlQuery) {- if (empty($sqlQuery)) {- continue;- }- // Parsing the query.- $parser = new Parser($sqlQuery);+ $parser = $this->createParser($GLOBALS['sql_query'], $sqlDelimiter);+ $this->process($parser);- if (empty($parser->statements[0])) {- continue;- }-- $statement = $parser->statements[0];-- if (- ! ($statement instanceof UpdateStatement || $statement instanceof DeleteStatement)- || ! empty($statement->join)- ) {- $error = $errorMsg;- break;- }-- $tables = Query::getTables($statement);- if (count($tables) > 1) {- $error = $errorMsg;- break;- }-- // Get the matched rows for the query.- $result = $this->simulateDml->getMatchedRows($sqlQuery, $parser, $statement);- $error = $this->simulateDml->getError();-- if ($error !== '') {- break;- }-- $sqlData[] = $result;- }-- if ($error) {- $message = Message::rawError($error);- $this->response->addJSON('message', $message);+ if ($this->error) {+ $this->response->addJSON('message', Message::rawError($this->error)); $this->response->addJSON('sql_data', false); return; }- $this->response->addJSON('sql_data', $sqlData);+ $this->response->addJSON('sql_data', $this->data);+ }++ private function createParser(string $query, string $delimiter): Parser+ {+ $lexer = new Lexer($query, false, $delimiter);+ $list = new TokensList(array_values(array_filter(+ $lexer->list->tokens,+ static function ($token): bool {+ return $token->type !== Token::TYPE_COMMENT;+ }+ )));++ return new Parser($list);+ }++ private function process(Parser $parser): void+ {+ foreach ($parser->statements as $statement) {+ if (+ ! $statement instanceof UpdateStatement && ! $statement instanceof DeleteStatement+ || ! empty($statement->join)+ || count(Query::getTables($statement)) > 1+ ) {+ $this->error = __('Only single-table UPDATE and DELETE queries can be simulated.');+ break;+ }++ // Get the matched rows for the query.+ $result = $this->simulateDml->getMatchedRows($parser, $statement);+ $this->error = $this->simulateDml->getError();++ if ($this->error !== '') {+ break;+ }++ $this->data[] = $result;+ } } }
Let me analyze the code diff for security vulnerabilities: 1. Vulnerability Existed: not sure [Potential SQL Injection] [libraries/classes/Controllers/Import/SimulateDmlController.php] [Lines 34-60] [Old Code: Directly using $_POST['sql_delimiter'] and $GLOBALS['sql_query'] without validation] [Fixed Code: Still uses $_POST and $GLOBALS directly, but with more structured processing] 2. Vulnerability Existed: yes [Input Validation Improvement] [libraries/classes/Controllers/Import/SimulateDmlController.php] [Throughout file] [Old Code: Simple string splitting and basic statement checks] [Fixed Code: Added proper lexer/token processing and more robust validation] 3. Vulnerability Existed: not sure [Information Disclosure] [libraries/classes/Controllers/Import/SimulateDmlController.php] [Lines 20-30] [Old Code: No explicit data structure definition] [Fixed Code: Added proper type hints and documentation for $data property] The main security-related changes appear to be: 1. More robust SQL parsing using Lexer/TokensList instead of simple string splitting 2. Better structured error handling and data management 3. More thorough validation of SQL statements While there isn't a clear CVE-style vulnerability being fixed, the changes improve security by: - Making SQL parsing more reliable (reducing chance of parsing errors being exploited) - Adding better input validation - Implementing more structured error handling - Adding type safety through proper property definitions The code still directly uses user-provided inputs ($_POST and $GLOBALS) which could be a concern, but the improved parsing and validation likely mitigate potential injection risks.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Display/ResultsTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Display/ResultsTest.php@@ -36,6 +36,7 @@ use const MYSQLI_TYPE_DECIMAL; use const MYSQLI_TYPE_LONG; use const MYSQLI_TYPE_STRING;+use const MYSQLI_TYPE_TIME; use const MYSQLI_TYPE_TIMESTAMP; /**@@ -81,19 +82,17 @@ public function testisSelect(): void { $parser = new Parser('SELECT * FROM pma');- $this->assertTrue(- $this->callFunction(- $this->object,- DisplayResults::class,- 'isSelect',- [- [- 'statement' => $parser->statements[0],- 'select_from' => true,- ],- ]- )- );+ self::assertTrue($this->callFunction(+ $this->object,+ DisplayResults::class,+ 'isSelect',+ [+ [+ 'statement' => $parser->statements[0],+ 'select_from' => true,+ ],+ ]+ )); } /**@@ -128,11 +127,11 @@ ] );- $this->assertStringContainsString('<form action="index.php?route=/sql', $actual);- $this->assertStringContainsString('" method="post" >', $actual);- $this->assertStringContainsString('name="sql_query" value="SELECT * FROM `pma_bookmark` WHERE 1"', $actual);- $this->assertStringContainsString('name="pos" value="1"', $actual);- $this->assertStringContainsString('value="btn" title="Submit"', $actual);+ self::assertStringContainsString('<form action="index.php?route=/sql', $actual);+ self::assertStringContainsString('" method="post" >', $actual);+ self::assertStringContainsString('name="sql_query" value="SELECT * FROM `pma_bookmark` WHERE 1"', $actual);+ self::assertStringContainsString('name="pos" value="1"', $actual);+ self::assertStringContainsString('value="btn" title="Submit"', $actual); } /**@@ -140,7 +139,7 @@ * * @return array array data for testGetTableNavigationButton */- public function providerForTestGetTableNavigationButton(): array+ public static function providerForTestGetTableNavigationButton(): array { return [ [@@ -154,41 +153,32 @@ public function testGetClassForDateTimeRelatedFieldsCase1(): void {- $this->assertEquals(- 'datetimefield',- $this->callFunction(- $this->object,- DisplayResults::class,- 'getClassForDateTimeRelatedFields',- [new FieldMetadata(MYSQLI_TYPE_TIMESTAMP, 0, (object) [])]- )- );+ self::assertSame('datetimefield', $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getClassForDateTimeRelatedFields',+ [new FieldMetadata(MYSQLI_TYPE_TIMESTAMP, 0, (object) [])]+ )); } public function testGetClassForDateTimeRelatedFieldsCase2(): void {- $this->assertEquals(- 'datefield',- $this->callFunction(- $this->object,- DisplayResults::class,- 'getClassForDateTimeRelatedFields',- [new FieldMetadata(MYSQLI_TYPE_DATE, 0, (object) [])]- )- );+ self::assertSame('datefield', $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getClassForDateTimeRelatedFields',+ [new FieldMetadata(MYSQLI_TYPE_DATE, 0, (object) [])]+ )); } public function testGetClassForDateTimeRelatedFieldsCase3(): void {- $this->assertEquals(- 'text',- $this->callFunction(- $this->object,- DisplayResults::class,- 'getClassForDateTimeRelatedFields',- [new FieldMetadata(MYSQLI_TYPE_STRING, 0, (object) [])]- )- );+ self::assertSame('text', $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getClassForDateTimeRelatedFields',+ [new FieldMetadata(MYSQLI_TYPE_STRING, 0, (object) [])]+ )); } /**@@ -197,18 +187,15 @@ public function testGetOffsetsCase1(): void { $_SESSION['tmpval']['max_rows'] = DisplayResults::ALL_ROWS;- $this->assertEquals(- [- 0,- 0,- ],- $this->callFunction(- $this->object,- DisplayResults::class,- 'getOffsets',- []- )- );+ self::assertSame([+ 0,+ 0,+ ], $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getOffsets',+ []+ )); } /**@@ -218,18 +205,15 @@ { $_SESSION['tmpval']['max_rows'] = 5; $_SESSION['tmpval']['pos'] = 4;- $this->assertEquals(- [- 9,- 0,- ],- $this->callFunction(- $this->object,- DisplayResults::class,- 'getOffsets',- []- )- );+ self::assertSame([+ 9,+ 0,+ ], $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getOffsets',+ []+ )); } /**@@ -237,7 +221,7 @@ * * @return array parameters and output */- public function dataProviderForTestGetSpecialLinkUrl(): array+ public static function dataProviderForTestGetSpecialLinkUrl(): array { return [ [@@ -325,19 +309,16 @@ ], ];- $this->assertEquals(- $output,- $this->callFunction(- $this->object,- DisplayResults::class,- 'getSpecialLinkUrl',- [- $specialSchemaLinks[$db][$table][$field_name],- $column_value,- $row_info,- ]- )- );+ self::assertSame($output, $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getSpecialLinkUrl',+ [+ $specialSchemaLinks[$db][$table][$field_name],+ $column_value,+ $row_info,+ ]+ )); } /**@@ -345,7 +326,7 @@ * * @return array parameters and output */- public function dataProviderForTestGetRowInfoForSpecialLinks(): array+ public static function dataProviderForTestGetRowInfoForSpecialLinks(): array { $column_names = [ 'host',@@ -408,18 +389,15 @@ $this->object->properties['fields_meta'] = $fields_meta; $this->object->properties['fields_cnt'] = $fields_count;- $this->assertEquals(- $output,- $this->callFunction(- $this->object,- DisplayResults::class,- 'getRowInfoForSpecialLinks',- [- $row,- $col_order,- ]- )- );+ self::assertSame($output, $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getRowInfoForSpecialLinks',+ [+ $row,+ $col_order,+ ]+ )); } /**@@ -427,7 +405,7 @@ * * @return array parameters and output */- public function dataProviderForTestSetHighlightedColumnGlobalField(): array+ public static function dataProviderForTestSetHighlightedColumnGlobalField(): array { $parser = new Parser('SELECT * FROM db_name WHERE `db_name`.`tbl`.id > 0 AND `id` < 10');@@ -460,7 +438,7 @@ [$analyzed_sql] );- $this->assertEquals($output, $this->object->properties['highlight_columns']);+ self::assertSame($output, $this->object->properties['highlight_columns']); } /**@@ -468,7 +446,7 @@ * * @return array parameters and output */- public function dataProviderForTestGetPartialText(): array+ public static function dataProviderForTestGetPartialText(): array { return [ [@@ -528,15 +506,12 @@ { $_SESSION['tmpval']['pftext'] = $pftext; $GLOBALS['cfg']['LimitChars'] = $limitChars;- $this->assertEquals(- $output,- $this->callFunction(- $this->object,- DisplayResults::class,- 'getPartialText',- [$str]- )- );+ self::assertSame($output, $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getPartialText',+ [$str]+ )); } /**@@ -554,7 +529,7 @@ * string * }} */- public function dataProviderForTestHandleNonPrintableContents(): array+ public static function dataProviderForTestHandleNonPrintableContents(): array { $transformation_plugin = new Text_Plain_Link(); $meta = new FieldMetadata(MYSQLI_TYPE_BLOB, 0, (object) ['orgtable' => 'bar']);@@ -656,23 +631,20 @@ $_SESSION['tmpval']['display_binary'] = $display_binary; $_SESSION['tmpval']['display_blob'] = $display_blob; $GLOBALS['cfg']['LimitChars'] = 50;- $this->assertStringContainsString(- $output,- $this->callFunction(- $this->object,- DisplayResults::class,- 'handleNonPrintableContents',- [- $category,- $content,- $transformation_plugin,- $transform_options,- $meta,- $url_params,- &$is_truncated,- ]- )- );+ self::assertStringContainsString($output, $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'handleNonPrintableContents',+ [+ $category,+ $content,+ $transformation_plugin,+ $transform_options,+ $meta,+ $url_params,+ &$is_truncated,+ ]+ )); } /**@@ -691,7 +663,7 @@ * string * }} */- public function dataProviderForTestGetDataCellForNonNumericColumns(): array+ public static function dataProviderForTestGetDataCellForNonNumericColumns(): array { $transformation_plugin = new Text_Plain_Link(); $transformation_plugin_external = new Text_Plain_External();@@ -854,25 +826,22 @@ $_SESSION['tmpval']['relational_display'] = false; $GLOBALS['cfg']['LimitChars'] = 50; $GLOBALS['cfg']['ProtectBinary'] = $protectBinary;- $this->assertStringContainsString(- $output,- $this->callFunction(- $this->object,- DisplayResults::class,- 'getDataCellForNonNumericColumns',- [- $column,- $class,- $meta,- $map,- $_url_params,- $condition_field,- $transformation_plugin,- $transform_options,- $analyzed_sql_results,- ]- )- );+ self::assertStringContainsString($output, $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getDataCellForNonNumericColumns',+ [+ $column,+ $class,+ $meta,+ $map,+ $_url_params,+ $condition_field,+ $transformation_plugin,+ $transform_options,+ $analyzed_sql_results,+ ]+ )); } /**@@ -965,12 +934,12 @@ ); // Dateformat- $this->assertStringContainsString('Jan 01, 1970 at 01:00 AM', $output);+ self::assertStringContainsString('Jan 01, 1970 at 01:00 AM', $output); // Bool2Text- $this->assertStringContainsString('>T<', $output);- }-- public function dataProviderGetSortOrderHiddenInputs(): array+ self::assertStringContainsString('>T<', $output);+ }++ public static function dataProviderGetSortOrderHiddenInputs(): array { // SQL to add the column // SQL to remove the column@@ -1059,31 +1028,31 @@ ] ); $out = urldecode(htmlspecialchars_decode($output));- $this->assertStringContainsString(+ self::assertStringContainsString( 'name="url-remove-order" value="index.php?route=/sql&sql_query=' . $sqlRemove, $out, 'The remove query should be found' );- $this->assertStringContainsString(+ self::assertStringContainsString( 'name="url-add-order" value="index.php?route=/sql&sql_query=' . $sqlAdd, $out, 'The add query should be found' ); $firstLine = explode("\n", $out)[0] ?? '';- $this->assertStringContainsString(+ self::assertStringContainsString( 'url-remove-order', $firstLine, 'The first line should contain url-remove-order input' );- $this->assertStringNotContainsString(+ self::assertStringNotContainsString( 'url-add-order', $firstLine, 'The first line should contain NOT url-add-order input' );- $this->assertStringContainsString($urlParamsRemove, $firstLine, 'The first line should contain the URL params');+ self::assertStringContainsString($urlParamsRemove, $firstLine, 'The first line should contain the URL params'); } /**@@ -1101,7 +1070,7 @@ ' special value ', ] );- $this->assertSame('<td class="text-start my_class"> special value </td>' . "\n", $output);+ self::assertSame('<td class="text-start my_class"> special value </td>' . "\n", $output); $output = $this->callFunction( $this->object, DisplayResults::class,@@ -1112,7 +1081,7 @@ '0x11e6ac0cfb1e8bf3bf48b827ebdafb0b', ] );- $this->assertSame('<td class="text-start my_class">0x11e6ac0cfb1e8bf3bf48b827ebdafb0b</td>' . "\n", $output);+ self::assertSame('<td class="text-start my_class">0x11e6ac0cfb1e8bf3bf48b827ebdafb0b</td>' . "\n", $output); $output = $this->callFunction( $this->object, DisplayResults::class,@@ -1123,7 +1092,7 @@ '0x11e6ac0cfb1e8bf3bf48b827ebdafb0b', ] );- $this->assertSame(+ self::assertSame( '<td class="text-start my_class condition">0x11e6ac0cfb1e8bf3bf48b827ebdafb0b</td>' . "\n", $output );@@ -1140,7 +1109,7 @@ $object = new DisplayResults($this->dbi, $db, $table, 1, '', $query); $object->setConfigParamsForDisplayTable($analyzedSqlResults);- $this->assertSame('F', $_SESSION['tmpval']['pftext']);+ self::assertSame('F', $_SESSION['tmpval']['pftext']); $query = 'ANALYZE NO_WRITE_TO_BINLOG TABLE test_table'; [$analyzedSqlResults] = ParseAnalyze::sqlQuery($query, $db);@@ -1148,7 +1117,7 @@ $object = new DisplayResults($this->dbi, $db, $table, 1, '', $query); $object->setConfigParamsForDisplayTable($analyzedSqlResults);- $this->assertSame('P', $_SESSION['tmpval']['pftext']);+ self::assertSame('P', $_SESSION['tmpval']['pftext']); } /**@@ -1174,12 +1143,12 @@ $object = new DisplayResults($this->dbi, $db, $table, 1, '', $query); $object->setConfigParamsForDisplayTable($analyzedSqlResults);- $this->assertArrayHasKey('tmpval', $_SESSION);- $this->assertIsArray($_SESSION['tmpval']);- $this->assertSame($expected, $_SESSION['tmpval']);- }-- public function providerSetConfigParamsForDisplayTable(): array+ self::assertArrayHasKey('tmpval', $_SESSION);+ self::assertIsArray($_SESSION['tmpval']);+ self::assertSame($expected, $_SESSION['tmpval']);+ }++ public static function providerSetConfigParamsForDisplayTable(): array { $cfg = ['RelationalDisplay' => DisplayResults::RELATIONAL_KEY, 'MaxRows' => 25, 'RepeatCells' => 100];@@ -1454,7 +1423,7 @@ 'text_btn' => '0', 'pview_lnk' => '1', ];- $this->assertNotFalse($dtResult);+ self::assertNotFalse($dtResult); $actual = $object->getTable($dtResult, $displayParts, $analyzedSqlResults); $template = new Template();@@ -1464,14 +1433,14 @@ 'columns' => [ [ 'column_name' => 'id',- 'order_link' => '<a href="index.php?route=/sql&server=0&lang=en&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0AORDER+BY+%60id%60+ASC'- . '&sql_signature=dcfe20b407b35309f6af81f745e77a10f723d39b082d2a8f9cb8e75b17c4d3ce'+ 'order_link' => '<a href="index.php?route=/sql&db=test_db&table=test_table'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0AORDER+BY+%60id%60+ASC+'+ . '&sql_signature=5b09494be0beb7899b460ba6b695504ca89d1ad1fbc8705f3b60f7da71f61b2f' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en" class="sortlink">id' . '<input type="hidden" value="'- . 'index.php?route=/sql&server=0&lang=en&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0AORDER+BY+%60id%60+ASC'- . '&sql_signature=dcfe20b407b35309f6af81f745e77a10f723d39b082d2a8f9cb8e75b17c4d3ce'+ . 'index.php?route=/sql&db=test_db&table=test_table'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0AORDER+BY+%60id%60+ASC+'+ . '&sql_signature=5b09494be0beb7899b460ba6b695504ca89d1ad1fbc8705f3b60f7da71f61b2f' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en"></a>' . '<input type="hidden" name="url-remove-order" value="index.php?route=/sql&db=test_db' . '&table=test_table&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60'@@ -1480,8 +1449,8 @@ . '&discard_remembered_sort=1">' . "\n" . '<input type="hidden" name="url-add-order" value="' . 'index.php?route=/sql&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0AORDER+BY+%60id%60+ASC'- . '&sql_signature=dcfe20b407b35309f6af81f745e77a10f723d39b082d2a8f9cb8e75b17c4d3ce'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0AORDER+BY+%60id%60+ASC+'+ . '&sql_signature=5b09494be0beb7899b460ba6b695504ca89d1ad1fbc8705f3b60f7da71f61b2f' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en">', 'comments' => '', 'is_browse_pointer_enabled' => true,@@ -1491,14 +1460,14 @@ ], [ 'column_name' => 'name',- 'order_link' => '<a href="index.php?route=/sql&server=0&lang=en&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0AORDER+BY+%60name%60+ASC'- . '&sql_signature=0d06fa8d6795b1c69892cca27d6213c08401bd434145d16cb35c365ab3e03039'+ 'order_link' => '<a href="index.php?route=/sql&db=test_db&table=test_table'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0AORDER+BY+%60name%60+ASC+'+ . '&sql_signature=deb7ae82acc39ae4faa69b87f757edb5c3a6a714196d2f5fefe5cccc06985aba' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en" class="sortlink">name' . '<input type="hidden" value="'- . 'index.php?route=/sql&server=0&lang=en&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0AORDER+BY+%60name%60+ASC'- . '&sql_signature=0d06fa8d6795b1c69892cca27d6213c08401bd434145d16cb35c365ab3e03039'+ . 'index.php?route=/sql&db=test_db&table=test_table'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0AORDER+BY+%60name%60+ASC+'+ . '&sql_signature=deb7ae82acc39ae4faa69b87f757edb5c3a6a714196d2f5fefe5cccc06985aba' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en"></a>' . '<input type="hidden" name="url-remove-order" value="index.php?route=/sql&db=test_db' . '&table=test_table&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60'@@ -1507,8 +1476,8 @@ . '&discard_remembered_sort=1">' . "\n" . '<input type="hidden" name="url-add-order" value="' . 'index.php?route=/sql&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0AORDER+BY+%60name%60+ASC'- . '&sql_signature=0d06fa8d6795b1c69892cca27d6213c08401bd434145d16cb35c365ab3e03039'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0AORDER+BY+%60name%60+ASC+'+ . '&sql_signature=deb7ae82acc39ae4faa69b87f757edb5c3a6a714196d2f5fefe5cccc06985aba' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en">', 'comments' => '', 'is_browse_pointer_enabled' => true,@@ -1518,16 +1487,16 @@ ], [ 'column_name' => 'datetimefield',- 'order_link' => '<a href="index.php?route=/sql&server=0&lang=en&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0A'- . 'ORDER+BY+%60datetimefield%60+DESC'- . '&sql_signature=1c46f7e3c625f9e0846fb2de844ca1732319e5fb7fb93e96c89a4b6218579358'+ 'order_link' => '<a href="index.php?route=/sql&db=test_db&table=test_table'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0A'+ . 'ORDER+BY+%60datetimefield%60+DESC+'+ . '&sql_signature=d7f66b34e106a07349e748fa1f6c517fb33e0a717c285b623d10e7f0e24a3db4' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en" class="sortlink">datetimefield' . '<input type="hidden" value="'- . 'index.php?route=/sql&server=0&lang=en&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0A'- . 'ORDER+BY+%60datetimefield%60+DESC'- . '&sql_signature=1c46f7e3c625f9e0846fb2de844ca1732319e5fb7fb93e96c89a4b6218579358'+ . 'index.php?route=/sql&db=test_db&table=test_table'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0A'+ . 'ORDER+BY+%60datetimefield%60+DESC+'+ . '&sql_signature=d7f66b34e106a07349e748fa1f6c517fb33e0a717c285b623d10e7f0e24a3db4' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en"></a>' . '<input type="hidden" name="url-remove-order" value="index.php?route=/sql&db=test_db' . '&table=test_table&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60'@@ -1536,9 +1505,9 @@ . '&discard_remembered_sort=1">' . "\n" . '<input type="hidden" name="url-add-order" value="' . 'index.php?route=/sql&db=test_db&table=test_table'- . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60++%0A'- . 'ORDER+BY+%60datetimefield%60+DESC'- . '&sql_signature=1c46f7e3c625f9e0846fb2de844ca1732319e5fb7fb93e96c89a4b6218579358'+ . '&sql_query=SELECT+%2A+FROM+%60test_db%60.%60test_table%60+%0A'+ . 'ORDER+BY+%60datetimefield%60+DESC+'+ . '&sql_signature=d7f66b34e106a07349e748fa1f6c517fb33e0a717c285b623d10e7f0e24a3db4' . '&session_max_rows=25&is_browse_distinct=0&server=0&lang=en">', 'comments' => '', 'is_browse_pointer_enabled' => true,@@ -1662,6 +1631,169 @@ 'text_dir' => 'ltr', ]);- $this->assertEquals($tableTemplate, $actual);+ self::assertSame($tableTemplate, $actual);+ }++ /**+ * @return array[]+ */+ public static function dataProviderSortOrder(): array+ {+ return [+ 'Default date' => [+ 'SMART',+ 'DESC',// date types are DESC in SMART mode+ MYSQLI_TYPE_DATE,+ ],+ 'ASC date' => [+ 'ASC',+ 'ASC',// do as config says+ MYSQLI_TYPE_DATE,+ ],+ 'DESC date' => [+ 'DESC',+ 'DESC',// do as config says+ MYSQLI_TYPE_DATE,+ ],+ 'Default date-time' => [+ 'SMART',+ 'DESC',// date time types are DESC in SMART mode+ MYSQLI_TYPE_DATETIME,+ ],+ 'ASC date-time' => [+ 'ASC',+ 'ASC',// do as config says+ MYSQLI_TYPE_DATETIME,+ ],+ 'DESC date-time' => [+ 'DESC',+ 'DESC',// do as config says+ MYSQLI_TYPE_DATETIME,+ ],+ 'Default time' => [+ 'SMART',+ 'DESC',// time types are DESC in SMART mode+ MYSQLI_TYPE_TIME,+ ],+ 'ASC time' => [+ 'ASC',+ 'ASC',// do as config says+ MYSQLI_TYPE_TIME,+ ],+ 'DESC time' => [+ 'DESC',+ 'DESC',// do as config says+ MYSQLI_TYPE_TIME,+ ],+ 'Default timestamp' => [+ 'SMART',+ 'DESC',// timestamp types are DESC in SMART mode+ MYSQLI_TYPE_TIMESTAMP,+ ],+ 'ASC timestamp' => [+ 'ASC',+ 'ASC',// do as config says+ MYSQLI_TYPE_TIMESTAMP,+ ],+ 'DESC timestamp' => [+ 'DESC',+ 'DESC',// do as config says+ MYSQLI_TYPE_TIMESTAMP,+ ],+ 'Default string' => [+ 'SMART',+ 'ASC',// string types are ASC in SMART mode+ MYSQLI_TYPE_STRING,+ ],+ 'ASC string' => [+ 'ASC',+ 'ASC',// do as config says+ MYSQLI_TYPE_STRING,+ ],+ 'DESC string' => [+ 'DESC',+ 'DESC',// do as config says+ MYSQLI_TYPE_STRING,+ ],+ ];+ }++ /**+ * @dataProvider dataProviderSortOrder+ */+ public function testGetSingleAndMultiSortUrls(+ string $orderSetting,+ string $querySortDirection,+ int $metaType+ ): void {+ $GLOBALS['cfg']['Order'] = $orderSetting;++ $data = $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getSingleAndMultiSortUrls',+ [+ ['`Country`.`Code` ASC'], // sortExpression,+ ['`Country`.`Code`'], // sortExpressionNoDirection,+ '`Country`.',+ 'FoundedIn',+ ['ASC'], // sortDirection,+ new FieldMetadata($metaType, 0, (object) []),+ ]+ );++ self::assertSame([+ "\n" . 'ORDER BY `Country`.`FoundedIn` ' . $querySortDirection, // singleSortOrder+ "\n" . 'ORDER BY `Country`.`Code` ASC, `Country`.`FoundedIn` ' . $querySortDirection, // sortOrderColumns+ '', // orderImg+ ], $data);++ $data = $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getSingleAndMultiSortUrls',+ [+ ['`Country`.`Code` ASC'], // sortExpression,+ ['`Country`.`Code`'], // sortExpressionNoDirection,+ '`Country`.',+ 'Code2',+ ['ASC'], // sortDirection,+ new FieldMetadata($metaType, 0, (object) []),+ ]+ );++ self::assertSame([+ "\n" . 'ORDER BY `Country`.`Code2` ' . $querySortDirection, // singleSortOrder+ "\n" . 'ORDER BY `Country`.`Code` ASC, `Country`.`Code2` ' . $querySortDirection, // sortOrderColumns+ '', // orderImg+ ], $data);++ $data = $this->callFunction(+ $this->object,+ DisplayResults::class,+ 'getSingleAndMultiSortUrls',+ [+ [+ '`Country`.`Continent` DESC","`Country`.`Region` ASC',+ '`Country`.`Population` ASC',+ ], // sortExpression,+ [+ '`Country`.`Continent`',+ '`Country`.`Region`',+ '`Country`.`Population`',+ ], // sortExpressionNoDirection,+ '`Country`.',+ 'Code2',+ ['DESC', 'ASC', 'ASC'], // sortDirection,+ new FieldMetadata($metaType, 0, (object) []),+ ]+ );++ self::assertSame([+ "\n" . 'ORDER BY `Country`.`Code2` ' . $querySortDirection, // singleSortOrder+ "\n" . 'ORDER BY `Country`.`Continent` DESC, `Country`.`Region` ASC'+ . ', `Country`.`Population` ASC, `Country`.`Code2` ' . $querySortDirection, // sortOrderColumns+ '', // orderImg+ ], $data); } }
After analyzing the provided code diff, I don't find any security-related fixes. The changes appear to be primarily test improvements and code style adjustments. Here's my analysis: 1. Vulnerability Existed: no No security vulnerability found [test/classes/Display/ResultsTest.php] [Various lines] The changes are test improvements and code style updates, not security fixes. The main changes in the diff include: - Adding MYSQLI_TYPE_TIME constant import - Changing test assertions from $this->assert* to self::assert* - Making test data providers static - Various test case improvements and formatting changes - Adding new test cases for sort order functionality None of these changes appear to address security vulnerabilities. The modifications are focused on test reliability, code quality, and additional test coverage rather than security fixes. If you'd like me to analyze any specific part of the diff in more detail, please let me know.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Export/ExportXmlTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Export/ExportXmlTest.php@@ -70,94 +70,73 @@ $attrProperties->setAccessible(true); $properties = $attrProperties->getValue($this->object);- $this->assertInstanceOf(ExportPluginProperties::class, $properties);-- $this->assertEquals(- 'XML',- $properties->getText()- );-- $this->assertEquals(- 'xml',- $properties->getExtension()- );-- $this->assertEquals(- 'text/xml',- $properties->getMimeType()- );+ self::assertInstanceOf(ExportPluginProperties::class, $properties);++ self::assertSame('XML', $properties->getText());++ self::assertSame('xml', $properties->getExtension());++ self::assertSame('text/xml', $properties->getMimeType()); $options = $properties->getOptions();- $this->assertInstanceOf(OptionsPropertyRootGroup::class, $options);-- $this->assertEquals(- 'Format Specific Options',- $options->getName()- );+ self::assertInstanceOf(OptionsPropertyRootGroup::class, $options);++ self::assertSame('Format Specific Options', $options->getName()); $generalOptionsArray = $options->getProperties(); $generalOptions = array_shift($generalOptionsArray);- $this->assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);-- $this->assertEquals(- 'general_opts',- $generalOptions->getName()- );+ self::assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);++ self::assertSame('general_opts', $generalOptions->getName()); $generalProperties = $generalOptions->getProperties(); $property = array_shift($generalProperties);- $this->assertInstanceOf(HiddenPropertyItem::class, $property);+ self::assertInstanceOf(HiddenPropertyItem::class, $property); $generalOptions = array_shift($generalOptionsArray);- $this->assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);-- $this->assertEquals(- 'structure',- $generalOptions->getName()- );+ self::assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);++ self::assertSame('structure', $generalOptions->getName()); $generalProperties = $generalOptions->getProperties(); $property = array_shift($generalProperties);- $this->assertInstanceOf(BoolPropertyItem::class, $property);-- $property = array_shift($generalProperties);-- $this->assertInstanceOf(BoolPropertyItem::class, $property);-- $property = array_shift($generalProperties);-- $this->assertInstanceOf(BoolPropertyItem::class, $property);-- $property = array_shift($generalProperties);-- $this->assertInstanceOf(BoolPropertyItem::class, $property);-- $property = array_shift($generalProperties);-- $this->assertInstanceOf(BoolPropertyItem::class, $property);+ self::assertInstanceOf(BoolPropertyItem::class, $property);++ $property = array_shift($generalProperties);++ self::assertInstanceOf(BoolPropertyItem::class, $property);++ $property = array_shift($generalProperties);++ self::assertInstanceOf(BoolPropertyItem::class, $property);++ $property = array_shift($generalProperties);++ self::assertInstanceOf(BoolPropertyItem::class, $property);++ $property = array_shift($generalProperties);++ self::assertInstanceOf(BoolPropertyItem::class, $property); $generalOptions = array_shift($generalOptionsArray);- $this->assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);-- $this->assertEquals(- 'data',- $generalOptions->getName()- );+ self::assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);++ self::assertSame('data', $generalOptions->getName()); $generalProperties = $generalOptions->getProperties(); $property = array_shift($generalProperties);- $this->assertInstanceOf(BoolPropertyItem::class, $property);+ self::assertInstanceOf(BoolPropertyItem::class, $property); } /**@@ -235,39 +214,31 @@ $GLOBALS['table'] = 'table'; ob_start();- $this->assertTrue(- $this->object->exportHeader()- );- $result = ob_get_clean();-- $this->assertIsString($result);-- $this->assertStringContainsString(- '<pma_xml_export version="1.0" xmlns:pma="' .- 'https://www.phpmyadmin.net/some_doc_url/">',- $result- );-- $this->assertStringContainsString(- '<pma:structure_schemas>' . "\n" .- ' <pma:database name="d&lt;&quot;b" collat' .- 'ion="utf8_general_ci" charset="utf-8">' . "\n" .- ' <pma:table name="table">' . "\n" .- ' &quot;tbl&quot;;' . "\n" .- ' </pma:table>' . "\n" .- ' <pma:trigger name="trname">' . "\n" .- ' ' . "\n" .- ' </pma:trigger>' . "\n" .- ' <pma:function name="fn">' . "\n" .- ' fndef' . "\n" .- ' </pma:function>' . "\n" .- ' <pma:procedure name="pr">' . "\n" .- ' prdef' . "\n" .- ' </pma:procedure>' . "\n" .- ' </pma:database>' . "\n" .- ' </pma:structure_schemas>',- $result- );+ self::assertTrue($this->object->exportHeader());+ $result = ob_get_clean();++ self::assertIsString($result);++ self::assertStringContainsString('<pma_xml_export version="1.0" xmlns:pma="' .+ 'https://www.phpmyadmin.net/some_doc_url/">', $result);++ self::assertStringContainsString('<pma:structure_schemas>' . "\n" .+ ' <pma:database name="d&lt;&quot;b" collat' .+ 'ion="utf8_general_ci" charset="utf-8">' . "\n" .+ ' <pma:table name="table">' . "\n" .+ ' &quot;tbl&quot;;' . "\n" .+ ' </pma:table>' . "\n" .+ ' <pma:trigger name="trname">' . "\n" .+ ' ' . "\n" .+ ' </pma:trigger>' . "\n" .+ ' <pma:function name="fn">' . "\n" .+ ' fndef' . "\n" .+ ' </pma:function>' . "\n" .+ ' <pma:procedure name="pr">' . "\n" .+ ' prdef' . "\n" .+ ' </pma:procedure>' . "\n" .+ ' </pma:database>' . "\n" .+ ' </pma:structure_schemas>', $result); // case 2 with isView as true and false@@ -319,29 +290,22 @@ ]; ob_start();- $this->assertTrue(- $this->object->exportHeader()- );- $result = ob_get_clean();-- $this->assertIsString($result);-- $this->assertStringContainsString(- '<pma:structure_schemas>' . "\n" .- ' <pma:database name="d&lt;&quot;b" collat' .- 'ion="utf8_general_ci" charset="utf-8">' . "\n" .- ' </pma:database>' . "\n" .- ' </pma:structure_schemas>',- $result- );+ self::assertTrue($this->object->exportHeader());+ $result = ob_get_clean();++ self::assertIsString($result);++ self::assertStringContainsString('<pma:structure_schemas>' . "\n" .+ ' <pma:database name="d&lt;&quot;b" collat' .+ 'ion="utf8_general_ci" charset="utf-8">' . "\n" .+ ' </pma:database>' . "\n" .+ ' </pma:structure_schemas>', $result); } public function testExportFooter(): void { $this->expectOutputString('</pma_xml_export>');- $this->assertTrue(- $this->object->exportFooter()- );+ self::assertTrue($this->object->exportFooter()); } public function testExportDBHeader(): void@@ -349,20 +313,16 @@ $GLOBALS['xml_export_contents'] = true; ob_start();- $this->assertTrue(- $this->object->exportDBHeader('&db')- );- $result = ob_get_clean();-- $this->assertIsString($result);-- $this->assertStringContainsString('<database name="&amp;db">', $result);+ self::assertTrue($this->object->exportDBHeader('&db'));+ $result = ob_get_clean();++ self::assertIsString($result);++ self::assertStringContainsString('<database name="&amp;db">', $result); $GLOBALS['xml_export_contents'] = false;- $this->assertTrue(- $this->object->exportDBHeader('&db')- );+ self::assertTrue($this->object->exportDBHeader('&db')); } public function testExportDBFooter(): void@@ -370,27 +330,21 @@ $GLOBALS['xml_export_contents'] = true; ob_start();- $this->assertTrue(- $this->object->exportDBFooter('&db')- );- $result = ob_get_clean();-- $this->assertIsString($result);-- $this->assertStringContainsString('</database>', $result);+ self::assertTrue($this->object->exportDBFooter('&db'));+ $result = ob_get_clean();++ self::assertIsString($result);++ self::assertStringContainsString('</database>', $result); $GLOBALS['xml_export_contents'] = false;- $this->assertTrue(- $this->object->exportDBFooter('&db')- );+ self::assertTrue($this->object->exportDBFooter('&db')); } public function testExportDBCreate(): void {- $this->assertTrue(- $this->object->exportDBCreate('testDB', 'database')- );+ self::assertTrue($this->object->exportDBCreate('testDB', 'database')); } public function testExportData(): void@@ -400,36 +354,31 @@ $GLOBALS['output_charset_conversion'] = false; ob_start();- $this->assertTrue(- $this->object->exportData(- 'test_db',- 'test_table',- "\n",- 'localhost',- 'SELECT * FROM `test_db`.`test_table`;'- )- );- $result = ob_get_clean();-- $this->assertIsString($result);- $this->assertEquals(- ' <!-- Table test_table -->' . "\n"- . ' <table name="test_table">' . "\n"- . ' <column name="id">1</column>' . "\n"- . ' <column name="name">abcd</column>' . "\n"- . ' <column name="datetimefield">2011-01-20 02:00:02</column>' . "\n"- . ' </table>' . "\n"- . ' <table name="test_table">' . "\n"- . ' <column name="id">2</column>' . "\n"- . ' <column name="name">foo</column>' . "\n"- . ' <column name="datetimefield">2010-01-20 02:00:02</column>' . "\n"- . ' </table>' . "\n"- . ' <table name="test_table">' . "\n"- . ' <column name="id">3</column>' . "\n"- . ' <column name="name">Abcd</column>' . "\n"- . ' <column name="datetimefield">2012-01-20 02:00:02</column>' . "\n"- . ' </table>' . "\n",- $result- );+ self::assertTrue($this->object->exportData(+ 'test_db',+ 'test_table',+ "\n",+ 'localhost',+ 'SELECT * FROM `test_db`.`test_table`;'+ ));+ $result = ob_get_clean();++ self::assertIsString($result);+ self::assertSame(' <!-- Table test_table -->' . "\n"+ . ' <table name="test_table">' . "\n"+ . ' <column name="id">1</column>' . "\n"+ . ' <column name="name">abcd</column>' . "\n"+ . ' <column name="datetimefield">2011-01-20 02:00:02</column>' . "\n"+ . ' </table>' . "\n"+ . ' <table name="test_table">' . "\n"+ . ' <column name="id">2</column>' . "\n"+ . ' <column name="name">foo</column>' . "\n"+ . ' <column name="datetimefield">2010-01-20 02:00:02</column>' . "\n"+ . ' </table>' . "\n"+ . ' <table name="test_table">' . "\n"+ . ' <column name="id">3</column>' . "\n"+ . ' <column name="name">Abcd</column>' . "\n"+ . ' <column name="datetimefield">2012-01-20 02:00:02</column>' . "\n"+ . ' </table>' . "\n", $result); } }
After analyzing the provided code diff, I don't find any security-related fixes. The changes appear to be primarily test code improvements and assertions being updated from `assertEquals` to `assertSame` for more strict comparison, and changing `$this->assert` to `self::assert` for consistency. Here's the structured response: Vulnerability Existed: no No security vulnerabilities found in the diff. The changes are test improvements and assertion updates. The diff shows: 1. Changing assertion methods from assertEquals to assertSame for more strict type checking 2. Changing instance method calls ($this->assert) to static calls (self::assert) 3. Formatting improvements in test assertions 4. No changes to actual security-related functionality or vulnerability fixes These changes are related to test quality and consistency rather than security fixes.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Gis/GisMultiPolygon.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Gis/GisMultiPolygon.php@@ -56,10 +56,11 @@ * @param string $spatial spatial data of a row * * @return array an array containing the min, max values for x and y coordinates+ * @psalm-return array{minX:float,minY:float,maxX:float,maxY:float} */ public function scaleRow($spatial) {- $min_max = [];+ $min_max = GisGeometry::EMPTY_EXTENT; // Trim to remove leading 'MULTIPOLYGON(((' and trailing ')))' $multipolygon = mb_substr($spatial, 15, -3);@@ -246,7 +247,7 @@ public function prepareRowAsSvg($spatial, $label, $fill_color, array $scale_data) { $polygon_options = [- 'name' => $label,+ 'data-label' => $label, 'class' => 'multipolygon vector', 'stroke' => 'black', 'stroke-width' => 0.5,@@ -376,7 +377,7 @@ */ public function generateWkt(array $gis_data, $index, $empty = '') {- $data_row = $gis_data[$index]['MULTIPOLYGON'];+ $data_row = $gis_data[$index]['MULTIPOLYGON'] ?? null; $no_of_polygons = $data_row['no_of_polygons'] ?? 1; if ($no_of_polygons < 1) {
Analyzing the provided code diff, I've identified the following potential security fixes: 1. Vulnerability Existed: not sure [Potential XSS Vulnerability] [libraries/classes/Gis/GisMultiPolygon.php] [Lines 246-253] [Old Code] 'name' => $label, [Fixed Code] 'data-label' => $label, Additional Details: The change from 'name' attribute to 'data-label' might be related to preventing XSS by moving user-controlled data from a standard HTML attribute to a data attribute, which is less likely to execute JavaScript. 2. Vulnerability Existed: yes [Null Pointer Dereference] [libraries/classes/Gis/GisMultiPolygon.php] [Lines 376-379] [Old Code] $data_row = $gis_data[$index]['MULTIPOLYGON']; [Fixed Code] $data_row = $gis_data[$index]['MULTIPOLYGON'] ?? null; Additional Details: The fix adds null coalescing operator to prevent potential null pointer dereference if the 'MULTIPOLYGON' key doesn't exist in the array. 3. Vulnerability Existed: not sure [Potential Initialization Issue] [libraries/classes/Gis/GisMultiPolygon.php] [Lines 56-60] [Old Code] $min_max = []; [Fixed Code] $min_max = GisGeometry::EMPTY_EXTENT; Additional Details: The change to use a defined constant for initialization might be related to ensuring proper default values, but the security impact isn't clear. Note: The first change could be related to XSS prevention, but without more context about how the label is used in the SVG output, we can't be certain. The second change clearly prevents a potential null reference issue. The third change appears to be more about code consistency than security.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/AbstractTestCase.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/AbstractTestCase.php@@ -8,6 +8,7 @@ use PhpMyAdmin\Config; use PhpMyAdmin\Core; use PhpMyAdmin\DatabaseInterface;+use PhpMyAdmin\Dbal\DbiExtension; use PhpMyAdmin\LanguageManager; use PhpMyAdmin\SqlParser\Translator; use PhpMyAdmin\Tests\Stubs\DbiDummy;@@ -20,6 +21,7 @@ use function array_keys; use function in_array;+use function method_exists; use const DIRECTORY_SEPARATOR;@@ -85,6 +87,14 @@ $_COOKIE = []; $_FILES = []; $_REQUEST = [];++ $GLOBALS['server'] = 1;+ $GLOBALS['text_dir'] = 'ltr';+ $GLOBALS['db'] = '';+ $GLOBALS['table'] = '';+ $GLOBALS['PMA_PHP_SELF'] = '';+ $GLOBALS['lang'] = 'en';+ // Config before DBI $this->setGlobalConfig(); $this->loadContainerBuilder();@@ -93,31 +103,54 @@ Cache::purge(); }+ protected function createDatabaseInterface(?DbiExtension $extension = null): DatabaseInterface+ {+ return new DatabaseInterface($extension ?? $this->createDbiDummy());+ }++ protected function createDbiDummy(): DbiDummy+ {+ return new DbiDummy();+ }+ protected function assertAllQueriesConsumed(): void { $unUsedQueries = $this->dummyDbi->getUnUsedQueries();- $this->assertSame([], $unUsedQueries, 'Some queries where not used !');+ self::assertSame([], $unUsedQueries, 'Some queries where not used !'); } protected function assertAllSelectsConsumed(): void { $unUsedSelects = $this->dummyDbi->getUnUsedDatabaseSelects();- $this->assertSame(- [],- $unUsedSelects,- 'Some database selects where not used !'- );+ self::assertSame([], $unUsedSelects, 'Some database selects where not used !'); } protected function assertAllErrorCodesConsumed(): void { if ($this->dummyDbi->hasUnUsedErrors() === false) {- $this->assertTrue(true);// increment the assertion count+ self::assertTrue(true);// increment the assertion count return; } $this->fail('Some error codes where not used !');+ }++ /**+ * PHPUnit 8 compatibility+ */+ public static function assertMatchesRegularExpressionCompat(+ string $pattern,+ string $string,+ string $message = ''+ ): void {+ if (method_exists(TestCase::class, 'assertMatchesRegularExpression')) {+ /** @phpstan-ignore-next-line */+ parent::assertMatchesRegularExpression($pattern, $string, $message);+ } else {+ /** @psalm-suppress DeprecatedMethod */+ self::assertRegExp($pattern, $string, $message);+ } } protected function loadContainerBuilder(): void@@ -180,7 +213,7 @@ /** @var ResponseRenderer $response */ $response = $containerBuilder->get(ResponseRenderer::class);- $this->assertFalse($response->hasSuccessState(), 'expected the request to fail');+ self::assertFalse($response->hasSuccessState(), 'expected the request to fail'); } protected function assertResponseWasSuccessfull(): void@@ -189,7 +222,7 @@ /** @var ResponseRenderer $response */ $response = $containerBuilder->get(ResponseRenderer::class);- $this->assertTrue($response->hasSuccessState(), 'expected the request not to fail');+ self::assertTrue($response->hasSuccessState(), 'expected the request not to fail'); } protected function setGlobalDbi(): void@@ -273,4 +306,23 @@ return $method->invokeArgs($object, $params); }++ /**+ * Get a private or protected property via reflection.+ *+ * @param object $object The object to inspect, pass null for static objects()+ * @param string $className The class name+ * @param string $propertyName The method name+ * @phpstan-param class-string $className+ *+ * @return mixed+ */+ protected function getProperty(object $object, string $className, string $propertyName)+ {+ $class = new ReflectionClass($className);+ $property = $class->getProperty($propertyName);+ $property->setAccessible(true);++ return $property->getValue($object);+ } }
After analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily about: 1. Adding new functionality (DbiExtension support, new helper methods) 2. Improving test assertions (changing $this->assert to self::assert) 3. Adding PHPUnit 8 compatibility 4. Adding new utility methods (getProperty) Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerability found in this diff. The changes are test-related improvements and additions. The changes include: 1. Added global variables initialization for testing 2. Added new methods for creating database interfaces 3. Updated assertion methods to use self:: instead of $this-> 4. Added PHPUnit 8 compatibility method 5. Added new utility method getProperty() for reflection-based testing None of these changes appear to address any security vulnerabilities, but rather improve the test framework's functionality and maintainability. If I had to identify potential security-related improvements (though not explicit vulnerabilities), the most notable would be the more robust test environment setup with proper global variable initialization, but this doesn't represent a vulnerability fix.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/ReplicationGuiTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/ReplicationGuiTest.php@@ -57,35 +57,35 @@ $html = $this->replicationGui->getHtmlForPrimaryReplication(); //validate 1: Primary replication- $this->assertStringContainsString('<div class="card-header">Primary replication</div>', $html);- $this->assertStringContainsString('This server is configured as primary in a replication process.', $html);+ self::assertStringContainsString('<div class="card-header">Primary replication</div>', $html);+ self::assertStringContainsString('This server is configured as primary in a replication process.', $html); //validate 2: getHtmlForReplicationStatusTable- $this->assertStringContainsString('<div id="replication_primary_section"', $html);+ self::assertStringContainsString('<div id="replication_primary_section"', $html);- $this->assertStringContainsString('Binlog_Do_DB', $html);- $this->assertStringContainsString('Binlog_Ignore_DB', $html);+ self::assertStringContainsString('Binlog_Do_DB', $html);+ self::assertStringContainsString('Binlog_Ignore_DB', $html);- $this->assertStringContainsString('primary-bin.000030', $html);+ self::assertStringContainsString('primary-bin.000030', $html); //validate 3: getHtmlForReplicationReplicasTable- $this->assertStringContainsString('replication_replicas_section', $html);- $this->assertStringContainsString('<th>Server ID</th>', $html);- $this->assertStringContainsString('<th>Host</th>', $html);+ self::assertStringContainsString('replication_replicas_section', $html);+ self::assertStringContainsString('<th>Server ID</th>', $html);+ self::assertStringContainsString('<th>Host</th>', $html); //replica host- $this->assertStringContainsString('<td class="text-end font-monospace">Server_id1</td>', $html);- $this->assertStringContainsString('<td class="text-end font-monospace">Server_id2</td>', $html);- $this->assertStringContainsString('<td class="text-end font-monospace">Host1</td>', $html);- $this->assertStringContainsString('<td class="text-end font-monospace">Host2</td>', $html);+ self::assertStringContainsString('<td class="text-end font-monospace">Server_id1</td>', $html);+ self::assertStringContainsString('<td class="text-end font-monospace">Server_id2</td>', $html);+ self::assertStringContainsString('<td class="text-end font-monospace">Host1</td>', $html);+ self::assertStringContainsString('<td class="text-end font-monospace">Host2</td>', $html); //Notice- $this->assertStringContainsString('Only replicas started with the', $html);+ self::assertStringContainsString('Only replicas started with the', $html); //validate 4: navigation URL- $this->assertStringContainsString('<a href="index.php?route=/server/replication', $html);- $this->assertStringContainsString('Add replica replication user', $html);+ self::assertStringContainsString('<a href="index.php?route=/server/replication', $html);+ self::assertStringContainsString('Add replica replication user', $html); //validate 5: 'Add replication replica user' form- $this->assertStringContainsString('<div id="primary_addreplicauser_gui">', $html);+ self::assertStringContainsString('<div id="primary_addreplicauser_gui">', $html); } public function testGetHtmlForReplicaConfiguration(): void@@ -100,17 +100,17 @@ ); //legend- $this->assertStringContainsString('<div class="card-header">Replica replication</div>', $html);- $this->assertStringContainsString('<div id="replica_configuration_gui">', $html);+ self::assertStringContainsString('<div class="card-header">Replica replication</div>', $html);+ self::assertStringContainsString('<div id="replica_configuration_gui">', $html); //notice- $this->assertStringContainsString('Server is configured as replica in a replication process.', $html);+ self::assertStringContainsString('Server is configured as replica in a replication process.', $html); //replica session- $this->assertStringContainsString('<div id="replication_replica_section"', $html);+ self::assertStringContainsString('<div id="replication_replica_section"', $html); //variable- $this->assertStringContainsString('Master_SSL_CA_Path', $html);- $this->assertStringContainsString('Master_SSL_Cert', $html);- $this->assertStringContainsString('Master_SSL_Cipher', $html);- $this->assertStringContainsString('Seconds_Behind_Master', $html);+ self::assertStringContainsString('Master_SSL_CA_Path', $html);+ self::assertStringContainsString('Master_SSL_Cert', $html);+ self::assertStringContainsString('Master_SSL_Cipher', $html);+ self::assertStringContainsString('Seconds_Behind_Master', $html); } public function testGetHtmlForReplicationChangePrimary(): void@@ -118,10 +118,10 @@ //Call the test function $html = $this->replicationGui->getHtmlForReplicationChangePrimary('replica_changeprimary');- $this->assertStringContainsString('<form method="post" action="index.php?route=/server/replication', $html);- $this->assertStringContainsString('Replica configuration', $html);- $this->assertStringContainsString('Change or reconfigure primary server', $html);+ self::assertStringContainsString('<form method="post" action="index.php?route=/server/replication', $html);+ self::assertStringContainsString('Replica configuration', $html);+ self::assertStringContainsString('Change or reconfigure primary server', $html); $notice = 'Make sure you have a unique server-id in your configuration file (my.cnf)';- $this->assertStringContainsString($notice, $html);+ self::assertStringContainsString($notice, $html); } }
After analyzing the provided code diff, I can confirm that this is a test file modification where the only changes are replacing `$this->assertStringContainsString()` with `self::assertStringContainsString()`. These changes are related to test assertions and don't involve any security fixes. Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerability found [File] test/classes/ReplicationGuiTest.php [Lines 57-118] [Old Code] Various instances of $this->assertStringContainsString() [Fixed Code] Various instances of self::assertStringContainsString() Additional Details: - The changes are purely stylistic/structural, moving from instance method calls to static method calls in test assertions - No security-related changes were made - The modifications don't affect any security-sensitive functionality - The changes are consistent throughout the file, affecting only test assertion methods
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Engines/MemoryTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Engines/MemoryTest.php@@ -41,11 +41,8 @@ */ public function testGetVariables(): void {- $this->assertEquals(- $this->object->getVariables(),- [- 'max_heap_table_size' => ['type' => 1],- ]- );+ self::assertSame($this->object->getVariables(), [+ 'max_heap_table_size' => ['type' => 1],+ ]); } }
Analyzing the provided code diff for security fixes:
1. Vulnerability Existed: no
No security vulnerability found [File] test/classes/Engines/MemoryTest.php [Lines] 41-48
[Old Code]
$this->assertEquals(
$this->object->getVariables(),
[
'max_heap_table_size' => ['type' => 1],
]
);
[Fixed Code]
self::assertSame($this->object->getVariables(), [
'max_heap_table_size' => ['type' => 1],
]);
Additional Details:
- The change appears to be a test improvement rather than a security fix
- The modification changes assertEquals to assertSame, which is a stricter comparison
- No security-related vulnerabilities are addressed in this diff
- The change is likely made for better test accuracy rather than security reasons
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/FileTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/FileTest.php@@ -34,7 +34,7 @@ public function testMIME(string $file, string $mime): void { $arr = new File($file);- $this->assertEquals($mime, $arr->getCompression());+ self::assertSame($mime, $arr->getCompression()); } /**@@ -48,7 +48,7 @@ { $data = '0x' . bin2hex((string) file_get_contents($file)); $file = new File($file);- $this->assertEquals($data, $file->getContent());+ self::assertSame($data, $file->getContent()); } /**@@ -65,11 +65,11 @@ $file = new File($file); $file->setDecompressContent(true); $file->open();- $this->assertEquals("TEST FILE\n", $file->read(100));+ self::assertSame("TEST FILE\n", $file->read(100)); $file->close(); }- public function compressedFiles(): array+ public static function compressedFiles(): array { return [ [
Analyzing the provided code diff, I don't see any security-related fixes. The changes appear to be test improvements and code style updates. Here's the analysis:
1. Vulnerability Existed: no
Test assertion improvement [test/classes/FileTest.php] [Lines 34,48,65]
Old Code: `$this->assertEquals($mime, $arr->getCompression());`
Fixed Code: `self::assertSame($mime, $arr->getCompression());`
2. Vulnerability Existed: no
Test assertion improvement [test/classes/FileTest.php] [Lines 34,48,65]
Old Code: `$this->assertEquals($data, $file->getContent());`
Fixed Code: `self::assertSame($data, $file->getContent());`
3. Vulnerability Existed: no
Test assertion improvement [test/classes/FileTest.php] [Lines 34,48,65]
Old Code: `$this->assertEquals("TEST FILE\n", $file->read(100));`
Fixed Code: `self::assertSame("TEST FILE\n", $file->read(100));`
4. Vulnerability Existed: no
Method visibility change [test/classes/FileTest.php] [Line 69]
Old Code: `public function compressedFiles(): array`
Fixed Code: `public static function compressedFiles(): array`
The changes are primarily:
1. Replacing `assertEquals` with `assertSame` in test assertions (better type checking)
2. Changing instance method to static method for test data provider
3. No security vulnerabilities were fixed in this diff
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Controllers/Export/Template/DeleteControllerTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Controllers/Export/Template/DeleteControllerTest.php@@ -38,6 +38,6 @@ new Relation($this->dbi) ))($request);- $this->assertTrue($response->hasSuccessState());+ self::assertTrue($response->hasSuccessState()); } }
After analyzing the provided code diff, here's my assessment: Vulnerability Existed: no [No vulnerability found] [test/classes/Controllers/Export/Template/DeleteControllerTest.php] [Lines 38] [Old Code: $this->assertTrue($response->hasSuccessState());] [Fixed Code: self::assertTrue($response->hasSuccessState());] Additional Details: The change appears to be purely a test code improvement, changing from instance method assertion ($this->assertTrue) to static method assertion (self::assertTrue). This is a common practice in PHPUnit tests to make the code more consistent with static assertion methods. There's no security vulnerability being fixed here - it's just a test code style improvement.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Plugins/Export/Helpers/Pdf.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Plugins/Export/Helpers/Pdf.php@@ -208,7 +208,7 @@ $l = $this->lMargin; foreach ($this->colTitles as $col => $txt) { $this->setXY($l, $this->tMargin);- $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt);+ $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt ?? 'NULL'); $l += $this->tablewidths[$col]; $maxY = $maxY < $this->GetY() ? $this->GetY() : $maxY; }@@ -220,7 +220,7 @@ $this->setXY($l, $this->tMargin); $this->Cell($this->tablewidths[$col], $maxY - $this->tMargin, '', 1, 0, 'L', true); $this->setXY($l, $this->tMargin);- $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt, 0, 'C');+ $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt ?? 'NULL', 0, 'C'); $l += $this->tablewidths[$col]; }@@ -267,7 +267,7 @@ $this->page = $currpage; $this->setXY($l, $h); if ($this->tablewidths[$col] > 0) {- $this->MultiCell($this->tablewidths[$col], $lineheight, $txt, 0, $this->colAlign[$col]);+ $this->MultiCell($this->tablewidths[$col], $lineheight, $txt ?? 'NULL', 0, $this->colAlign[$col]); $l += $this->tablewidths[$col]; }@@ -408,7 +408,7 @@ $this->tablewidths[$col], // phpcs:ignore Squiz.NamingConventions.ValidVariableName.MemberNotCamelCaps $this->FontSizePt,- $txt,+ $txt ?? 'NULL', 0, $this->colAlign[$col] );@@ -646,7 +646,7 @@ $this->tablewidths[$col], // phpcs:ignore Squiz.NamingConventions.ValidVariableName.MemberNotCamelCaps $this->FontSizePt,- $txt,+ $txt ?? 'NULL', 0, $this->colAlign[$col] );@@ -801,7 +801,7 @@ while ($row = $this->results->fetchRow()) { foreach ($colFits as $key => $val) { /** @var float $stringWidth */- $stringWidth = $this->GetStringWidth($row[$key]);+ $stringWidth = $this->GetStringWidth($row[$key] ?? 'NULL'); $stringWidth += 6; if ($adjustingMode && ($stringWidth > $this->sColWidth)) { // any column whose data's width is bigger than
Here's the analysis of the provided code diff for security fixes: 1. Vulnerability Existed: not sure [Null Pointer Dereference] [libraries/classes/Plugins/Export/Helpers/Pdf.php] [Lines 208, 220, 267, 408, 646, 801] [Old Code] $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt); $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt, 0, 'C'); $this->MultiCell($this->tablewidths[$col], $lineheight, $txt, 0, $this->colAlign[$col]); $this->GetStringWidth($row[$key]); [Fixed Code] $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt ?? 'NULL'); $this->MultiCell($this->tablewidths[$col], $this->FontSizePt, $txt ?? 'NULL', 0, 'C'); $this->MultiCell($this->tablewidths[$col], $lineheight, $txt ?? 'NULL', 0, $this->colAlign[$col]); $this->GetStringWidth($row[$key] ?? 'NULL'); The diff shows multiple instances where null checks were added using the null coalescing operator (??) to handle potential null values in text strings before they're processed. While this prevents potential null pointer dereferences, it's not clear if this was fixing an actual security vulnerability or just improving code robustness. The changes could prevent crashes but don't appear to address any specific known vulnerability.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Auth/AuthenticationHttpTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Auth/AuthenticationHttpTest.php@@ -111,12 +111,13 @@ if (! empty($_REQUEST['old_usr'])) { $this->object->logOut(); } else {- $this->assertFalse(- $this->object->showLoginForm()- );+ self::assertFalse($this->object->showLoginForm()); } }+ /**+ * @requires PHPUnit < 10+ */ public function testAuthLogoutUrl(): void { $_REQUEST['old_usr'] = '1';@@ -130,6 +131,9 @@ ); }+ /**+ * @requires PHPUnit < 10+ */ public function testAuthVerbose(): void { $_REQUEST['old_usr'] = '';@@ -145,6 +149,9 @@ ); }+ /**+ * @requires PHPUnit < 10+ */ public function testAuthHost(): void { $GLOBALS['cfg']['Server']['verbose'] = '';@@ -160,6 +167,9 @@ ); }+ /**+ * @requires PHPUnit < 10+ */ public function testAuthRealm(): void { $GLOBALS['cfg']['Server']['host'] = '';@@ -202,14 +212,11 @@ $_REQUEST['old_usr'] = $old_usr;- $this->assertEquals(- $expectedReturn,- $this->object->readCredentials()- );-- $this->assertEquals($expectedUser, $this->object->user);-- $this->assertEquals($expectedPass, $this->object->password);+ self::assertSame($expectedReturn, $this->object->readCredentials());++ self::assertSame($expectedUser, $this->object->user);++ self::assertEquals($expectedPass, $this->object->password); $_SERVER[$userIndex] = null; $_SERVER[$passIndex] = null;@@ -220,7 +227,7 @@ * * @return array Test data */- public function readCredentialsProvider(): array+ public static function readCredentialsProvider(): array { return [ [@@ -281,17 +288,15 @@ $GLOBALS['server'] = 2; $GLOBALS['cfg']['Server']['user'] = 'testUser';- $this->assertTrue(- $this->object->storeCredentials()- );-- $this->assertEquals('testUser', $GLOBALS['cfg']['Server']['user']);-- $this->assertEquals('testPass', $GLOBALS['cfg']['Server']['password']);-- $this->assertArrayNotHasKey('PHP_AUTH_PW', $_SERVER);-- $this->assertEquals(2, $GLOBALS['server']);+ self::assertTrue($this->object->storeCredentials());++ self::assertSame('testUser', $GLOBALS['cfg']['Server']['user']);++ self::assertSame('testPass', $GLOBALS['cfg']['Server']['password']);++ self::assertArrayNotHasKey('PHP_AUTH_PW', $_SERVER);++ self::assertSame(2, $GLOBALS['server']); // case 2 $this->object->user = 'testUser';@@ -307,20 +312,15 @@ 'user' => 'user2', ];- $this->assertTrue(- $this->object->storeCredentials()- );-- $this->assertEquals(- [- 'user' => 'testUser',- 'password' => 'testPass',- 'host' => 'a',- ],- $GLOBALS['cfg']['Server']- );-- $this->assertEquals(2, $GLOBALS['server']);+ self::assertTrue($this->object->storeCredentials());++ self::assertEquals([+ 'user' => 'testUser',+ 'password' => 'testPass',+ 'host' => 'a',+ ], $GLOBALS['cfg']['Server']);++ self::assertSame(2, $GLOBALS['server']); // case 3 $GLOBALS['server'] = 3;@@ -337,20 +337,15 @@ 'user' => 'user2', ];- $this->assertTrue(- $this->object->storeCredentials()- );-- $this->assertEquals(- [- 'user' => 'testUser',- 'password' => 'testPass',- 'host' => 'a',- ],- $GLOBALS['cfg']['Server']- );-- $this->assertEquals(3, $GLOBALS['server']);+ self::assertTrue($this->object->storeCredentials());++ self::assertEquals([+ 'user' => 'testUser',+ 'password' => 'testPass',+ 'host' => 'a',+ ], $GLOBALS['cfg']['Server']);++ self::assertSame(3, $GLOBALS['server']); } /**@@ -376,9 +371,9 @@ $this->object->showFailure(''); $result = ob_get_clean();- $this->assertIsString($result);-- $this->assertStringContainsString('<p>error 123</p>', $result);+ self::assertIsString($result);++ self::assertStringContainsString('<p>error 123</p>', $result); $this->object = $this->getMockBuilder(AuthenticationHttp::class) ->disableOriginalConstructor()
Based on the provided code diff, I don't see any security vulnerabilities being fixed. The changes appear to be primarily test-related improvements and modernizations. Here's the analysis: 1. Vulnerability Existed: no Test Assertion Improvements [test/classes/Plugins/Auth/AuthenticationHttpTest.php] [Various lines] Old Code: Various assertions using $this->assert... Fixed Code: Updated to use self::assert... for consistency 2. Vulnerability Existed: no PHPUnit Version Requirements Added [test/classes/Plugins/Auth/AuthenticationHttpTest.php] [Various test methods] Old Code: No version requirements Fixed Code: Added @requires PHPUnit < 10 annotations 3. Vulnerability Existed: no Test Method Modernization [test/classes/Plugins/Auth/AuthenticationHttpTest.php] [readCredentialsProvider method] Old Code: public function readCredentialsProvider() Fixed Code: public static function readCredentialsProvider() The changes are focused on: 1. Improving test assertions (using self:: instead of $this->) 2. Adding PHPUnit version requirements 3. Making test data providers static 4. General code style improvements No security-related vulnerabilities appear to have been addressed in this diff. The changes are all test-related improvements and modernizations.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Server/PluginTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Server/PluginTest.php@@ -30,23 +30,20 @@ 'authVersion' => '1.0', ]);- $this->assertInstanceOf(Plugin::class, $plugin);- $this->assertSame('BLACKHOLE', $plugin->getName());- $this->assertSame('1.0', $plugin->getVersion());- $this->assertSame('ACTIVE', $plugin->getStatus());- $this->assertSame('STORAGE ENGINE', $plugin->getType());- $this->assertSame('100316.0', $plugin->getTypeVersion());- $this->assertSame('ha_blackhole.so', $plugin->getLibrary());- $this->assertSame('1.13', $plugin->getLibraryVersion());- $this->assertSame('MySQL AB', $plugin->getAuthor());- $this->assertSame('GPL', $plugin->getLicense());- $this->assertSame('ON', $plugin->getLoadOption());- $this->assertSame('Stable', $plugin->getMaturity());- $this->assertSame('1.0', $plugin->getAuthVersion());- $this->assertSame(- '/dev/null storage engine (anything you write to it disappears)',- $plugin->getDescription()- );+ self::assertInstanceOf(Plugin::class, $plugin);+ self::assertSame('BLACKHOLE', $plugin->getName());+ self::assertSame('1.0', $plugin->getVersion());+ self::assertSame('ACTIVE', $plugin->getStatus());+ self::assertSame('STORAGE ENGINE', $plugin->getType());+ self::assertSame('100316.0', $plugin->getTypeVersion());+ self::assertSame('ha_blackhole.so', $plugin->getLibrary());+ self::assertSame('1.13', $plugin->getLibraryVersion());+ self::assertSame('MySQL AB', $plugin->getAuthor());+ self::assertSame('GPL', $plugin->getLicense());+ self::assertSame('ON', $plugin->getLoadOption());+ self::assertSame('Stable', $plugin->getMaturity());+ self::assertSame('1.0', $plugin->getAuthVersion());+ self::assertSame('/dev/null storage engine (anything you write to it disappears)', $plugin->getDescription()); return $plugin; }@@ -58,7 +55,7 @@ */ public function testToArray(Plugin $plugin): void {- $this->assertSame([+ self::assertSame([ 'name' => 'BLACKHOLE', 'version' => '1.0', 'status' => 'ACTIVE',
After analyzing the provided code diff, I don't find any security-related changes. The changes appear to be purely stylistic/refactoring changes in test assertions. Here's the analysis:
Vulnerability Existed: no
No security vulnerability found [File] test/classes/Server/PluginTest.php [Lines] 30-58
[Old Code]
$this->assertInstanceOf(Plugin::class, $plugin);
$this->assertSame('BLACKHOLE', $plugin->getName());
...
[Fixed Code]
self::assertInstanceOf(Plugin::class, $plugin);
self::assertSame('BLACKHOLE', $plugin->getName());
...
The changes consist of:
1. Changing test assertions from $this->assert... to self::assert...
2. Minor formatting changes (like combining a multi-line assertSame into one line)
These changes don't relate to any security fixes but rather appear to be test code improvements or style consistency updates. No actual functionality or security-related code was modified.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/selenium/TrackingTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/selenium/TrackingTest.php@@ -60,22 +60,19 @@ $this->byPartialLinkText('Tracking report')->click(); $this->waitForElement('xpath', "//h3[contains(., 'Tracking report')]");- $this->assertStringContainsString(+ self::assertStringContainsString( 'DROP TABLE IF EXISTS `test_table`', $this->getCellByTableId('ddl_versions', 1, 4) );- $this->assertStringContainsString(- 'CREATE TABLE `test_table` (',- $this->getCellByTableId('ddl_versions', 2, 4)- );-- $this->assertStringContainsString(+ self::assertStringContainsString('CREATE TABLE `test_table` (', $this->getCellByTableId('ddl_versions', 2, 4));++ self::assertStringContainsString( 'UPDATE test_table SET val = val + 1', $this->getCellByTableId('dml_versions', 1, 4) );- $this->assertStringNotContainsString(+ self::assertStringNotContainsString( 'DELETE FROM test_table WHERE val = 3', $this->byId('dml_versions')->getText() );@@ -90,19 +87,14 @@ $this->waitAjax();- $this->assertFalse(- $this->isElementPresent('id', 'dml_versions')- );-- $this->assertStringContainsString(+ self::assertFalse($this->isElementPresent('id', 'dml_versions'));++ self::assertStringContainsString( 'DROP TABLE IF EXISTS `test_table`', $this->getCellByTableId('ddl_versions', 1, 4) );- $this->assertStringContainsString(- 'CREATE TABLE `test_table` (',- $this->getCellByTableId('ddl_versions', 2, 4)- );+ self::assertStringContainsString('CREATE TABLE `test_table` (', $this->getCellByTableId('ddl_versions', 2, 4)); // only data $this->selectByLabel(@@ -114,16 +106,14 @@ $this->waitAjax();- $this->assertFalse(- $this->isElementPresent('id', 'ddl_versions')- );-- $this->assertStringContainsString(+ self::assertFalse($this->isElementPresent('id', 'ddl_versions'));++ self::assertStringContainsString( 'UPDATE test_table SET val = val + 1', $this->getCellByTableId('dml_versions', 1, 4) );- $this->assertStringNotContainsString(+ self::assertStringNotContainsString( 'DELETE FROM test_table WHERE val = 3', $this->byId('dml_versions')->getText() );@@ -139,9 +129,7 @@ $this->byCssSelector("input[value='Deactivate now']")->click(); $this->waitForElement('cssSelector', "input[value='Activate now']"); $this->executeSqlAndReturnToTableTracking();- $this->assertFalse(- $this->isElementPresent('id', 'dml_versions')- );+ self::assertFalse($this->isElementPresent('id', 'dml_versions')); } /**@@ -173,20 +161,14 @@ // Can not use getCellByTableId, // since this is under 'th' and not 'td'- $this->assertStringContainsString(- 'test_table',- $this->waitForElement(- 'cssSelector',- 'table#noversions tbody tr:nth-child(1) th:nth-child(2)'- )->getText()- );- $this->assertStringContainsString(- 'test_table_2',- $this->waitForElement(- 'cssSelector',- 'table#noversions tbody tr:nth-child(2) th:nth-child(2)'- )->getText()- );+ self::assertStringContainsString('test_table', $this->waitForElement(+ 'cssSelector',+ 'table#noversions tbody tr:nth-child(1) th:nth-child(2)'+ )->getText());+ self::assertStringContainsString('test_table_2', $this->waitForElement(+ 'cssSelector',+ 'table#noversions tbody tr:nth-child(2) th:nth-child(2)'+ )->getText()); } /**@@ -199,25 +181,13 @@ $this->byPartialLinkText('Structure snapshot')->click(); $this->waitForElement('id', 'tablestructure');- $this->assertStringContainsString(- 'id',- $this->getCellByTableId('tablestructure', 1, 2)- );-- $this->assertStringContainsString(- 'val',- $this->getCellByTableId('tablestructure', 2, 2)- );-- $this->assertStringContainsString(- 'PRIMARY',- $this->getCellByTableId('tablestructure_indexes', 1, 1)- );-- $this->assertStringContainsString(- 'id',- $this->getCellByTableId('tablestructure_indexes', 1, 5)- );+ self::assertStringContainsString('id', $this->getCellByTableId('tablestructure', 1, 2));++ self::assertStringContainsString('val', $this->getCellByTableId('tablestructure', 2, 2));++ self::assertStringContainsString('PRIMARY', $this->getCellByTableId('tablestructure_indexes', 1, 1));++ self::assertStringContainsString('id', $this->getCellByTableId('tablestructure_indexes', 1, 5)); } /**
After analyzing the provided code diff, I don't see any security-related fixes. The changes appear to be primarily focused on code style and test assertions. Here's the analysis: 1. Vulnerability Existed: no [Code Style Changes] [test/selenium/TrackingTest.php] [Various lines] [Old Code: Various $this->assert... calls] [Fixed Code: Changed to self::assert... calls] The main changes in this diff are: 1. Changing test assertion methods from instance calls ($this->assert...) to static calls (self::assert...) 2. Some code formatting changes (combining multi-line assertions into single lines) 3. No changes to actual functionality or security-related code These changes appear to be test code improvements rather than security fixes. The assertions are still testing the same functionality, just with a different calling style. There are no changes to any security-sensitive operations like input validation, authentication, or data handling.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Git.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Git.php@@ -4,6 +4,8 @@ namespace PhpMyAdmin;+use DateTimeImmutable;+use DateTimeZone; use DirectoryIterator; use PhpMyAdmin\Utils\HttpRequest; use stdClass;@@ -13,7 +15,6 @@ use function basename; use function bin2hex; use function count;-use function date; use function explode; use function fclose; use function file_exists;@@ -26,6 +27,7 @@ use function implode; use function in_array; use function intval;+use function is_array; use function is_bool; use function is_dir; use function is_file;@@ -57,15 +59,23 @@ private $showGitRevision; /**+ * The path where the to search for .git folders+ *+ * @var string+ */+ private $baseDir;++ /** * Git has been found and the data fetched * * @var bool */ private $hasGit = false;- public function __construct(bool $showGitRevision)+ public function __construct(bool $showGitRevision, ?string $baseDir = null) { $this->showGitRevision = $showGitRevision;+ $this->baseDir = $baseDir ?? ROOT_PATH; } public function hasGitInformation(): bool@@ -94,8 +104,10 @@ // find out if there is a .git folder // or a .git file (--separate-git-dir)- $git = '.git';- if (is_dir($git)) {+ $git = $this->baseDir . '.git';+ if (file_exists($this->baseDir . 'revision-info.php')) {+ $git_location = 'revision-info.php';+ } elseif (is_dir($git)) { if (! @is_file($git . '/config')) { $_SESSION['git_location'] = null; $_SESSION['is_git_revision'] = false;@@ -358,11 +370,11 @@ /** * Extract committer, author and message from commit body *- * @param array $commit The commit body+ * @param string[] $commit The commit body * * @return array<int,array<string,string>|string> */- private function extractDataFormTextBody(array $commit): array+ public static function extractDataFormTextBody(array $commit): array { $author = [ 'name' => '',@@ -385,14 +397,14 @@ $user = $datalinearr[1]; preg_match('/([^<]+)<([^>]+)> ([0-9]+)( [^ ]+)?/', $user, $user);+ $timezone = new DateTimeZone($user[4] ?? '+0000');+ $date = (new DateTimeImmutable())->setTimestamp((int) $user[3])->setTimezone($timezone);+ $user2 = [ 'name' => trim($user[1]), 'email' => trim($user[2]),- 'date' => date('Y-m-d H:i:s', (int) $user[3]),+ 'date' => $date->format('Y-m-d H:i:s O'), ];- if (isset($user[4])) {- $user2['date'] .= $user[4];- } if ($linetype === 'author') { $author = $user2;@@ -536,6 +548,44 @@ } /**+ * @return array<string, string|array<string, string>>|null+ * @psalm-return array{+ * revision: string,+ * revisionHash: string,+ * revisionUrl: string,+ * branch: string,+ * branchUrl: string,+ * message: string,+ * author: array{+ * name: string,+ * email: string,+ * date: string+ * },+ * committer: array{+ * name: string,+ * email: string,+ * date: string+ * }+ * }|null+ */+ public function getGitRevisionInfo(): ?array+ {+ if (@file_exists($this->baseDir . 'revision-info.php')) {+ /** @var array{ revision: string, revisionHash: string, revisionUrl: string, branch: string, branchUrl: string, message: string, author: array{ name: string, email: string, date: string }, committer: array{ name: string, email: string, date: string }}|null $info */+ /** @psalm-suppress MissingFile,UnresolvableInclude */+ $info = include $this->baseDir . 'revision-info.php';++ if (! is_array($info)) {+ return null;+ }++ return $info;+ }++ return null;+ }++ /** * detects Git revision, if running inside repo */ public function checkGitRevision(): ?array@@ -546,6 +596,37 @@ $this->hasGit = false; return null;+ }++ // Special name to indicate the use of the config file+ if ($gitFolder === 'revision-info.php') {+ $info = $this->getGitRevisionInfo();++ if ($info === null) {+ return null;+ }++ $this->hasGit = true;++ return [+ 'hash' => $info['revisionHash'],+ 'branch' => $info['branch'],+ 'message' => $info['message'],+ 'author' => [+ 'name' => $info['author']['name'],+ 'email' => $info['author']['email'],+ 'date' => $info['author']['date'],+ ],+ 'committer' => [+ 'name' => $info['committer']['name'],+ 'email' => $info['committer']['email'],+ 'date' => $info['committer']['date'],+ ],+ // Let's make the guess that the data is remote+ // The write script builds a remote commit url without checking that it exists+ 'is_remote_commit' => true,+ 'is_remote_branch' => true,+ ]; } $ref_head = @file_get_contents($gitFolder . '/HEAD');@@ -607,7 +688,7 @@ } if ($commit !== false) {- [$author, $committer, $message] = $this->extractDataFormTextBody($commit);+ [$author, $committer, $message] = self::extractDataFormTextBody($commit); } elseif (isset($commit_json->author, $commit_json->committer, $commit_json->message)) { $author = [ 'name' => $commit_json->author->name,
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: yes
Insecure File Inclusion [File] libraries/classes/Git.php [Lines 570-576]
[Old Code]
No previous code for file inclusion
[Fixed Code]
```php
if (@file_exists($this->baseDir . 'revision-info.php')) {
/** @var array{ revision: string, revisionHash: string, revisionUrl: string, branch: string, branchUrl: string, message: string, author: array{ name: string, email: string, date: string }, committer: array{ name: string, email: string, date: string }}|null $info */
/** @psalm-suppress MissingFile,UnresolvableInclude */
$info = include $this->baseDir . 'revision-info.php';
```
2. Vulnerability Existed: yes
Time Zone Injection [File] libraries/classes/Git.php [Lines 397-403]
[Old Code]
```php
$user2 = [
'name' => trim($user[1]),
'email' => trim($user[2]),
'date' => date('Y-m-d H:i:s', (int) $user[3]),
];
if (isset($user[4])) {
$user2['date'] .= $user[4];
}
```
[Fixed Code]
```php
$timezone = new DateTimeZone($user[4] ?? '+0000');
$date = (new DateTimeImmutable())->setTimestamp((int) $user[3])->setTimezone($timezone);
$user2 = [
'name' => trim($user[1]),
'email' => trim($user[2]),
'date' => $date->format('Y-m-d H:i:s O'),
];
```
3. Vulnerability Existed: not sure
Potential Path Traversal [File] libraries/classes/Git.php [Lines 94-104]
[Old Code]
```php
$git = '.git';
if (is_dir($git)) {
```
[Fixed Code]
```php
$git = $this->baseDir . '.git';
if (file_exists($this->baseDir . 'revision-info.php')) {
$git_location = 'revision-info.php';
} elseif (is_dir($git)) {
```
The most significant security fixes are:
1. The addition of proper file inclusion checks with type validation for revision-info.php
2. The replacement of direct date formatting with proper DateTimeZone handling to prevent time zone injection
3. The potential path traversal fix by using baseDir for path construction, though this is less clear as a security fix
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Controllers/Database/PrivilegesControllerTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Controllers/Database/PrivilegesControllerTest.php@@ -52,46 +52,19 @@ $dbi ))(['checkprivsdb' => $db]);- $this->assertStringContainsString(- Url::getCommon(['db' => $db], ''),- $actual- );+ self::assertStringContainsString(Url::getCommon(['db' => $db], ''), $actual);- $this->assertStringContainsString($db, $actual);+ self::assertStringContainsString($db, $actual);- $this->assertStringContainsString(- __('User'),- $actual- );- $this->assertStringContainsString(- __('Host'),- $actual- );- $this->assertStringContainsString(- __('Type'),- $actual- );- $this->assertStringContainsString(- __('Privileges'),- $actual- );- $this->assertStringContainsString(- __('Grant'),- $actual- );- $this->assertStringContainsString(- __('Action'),- $actual- );+ self::assertStringContainsString(__('User'), $actual);+ self::assertStringContainsString(__('Host'), $actual);+ self::assertStringContainsString(__('Type'), $actual);+ self::assertStringContainsString(__('Privileges'), $actual);+ self::assertStringContainsString(__('Grant'), $actual);+ self::assertStringContainsString(__('Action'), $actual); //_pgettext('Create new user', 'New')- $this->assertStringContainsString(- _pgettext('Create new user', 'New'),- $actual- );- $this->assertStringContainsString(- Url::getCommon(['checkprivsdb' => $db]),- $actual- );+ self::assertStringContainsString(_pgettext('Create new user', 'New'), $actual);+ self::assertStringContainsString(Url::getCommon(['checkprivsdb' => $db]), $actual); } }
After analyzing the provided code diff, I don't see any security-related changes. The changes appear to be purely code style/formatting improvements in test assertions. Here's my analysis: Vulnerability Existed: no No security vulnerability found [test/classes/Controllers/Database/PrivilegesControllerTest.php] [Lines 52-74] [Old Code] Multiple assertions with different formatting styles [Fixed Code] Consolidated assertions with consistent formatting using self::assertStringContainsString The changes: 1. Changed $this->assertStringContainsString to self::assertStringContainsString 2. Consolidated multi-line assertions into single lines where possible 3. Maintained the same test functionality but with cleaner code These changes don't indicate any security fixes, just test code improvements. The test continues to verify the same functionality as before, just with more concise syntax.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Table/Search.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Table/Search.php@@ -50,7 +50,7 @@ // (more efficient and this helps prevent a problem in IE // if one of the rows is edited and we come back to the Select results) if (isset($_POST['zoom_submit']) || ! empty($_POST['displayAllColumns'])) {- $sql_query .= '* ';+ $sql_query .= '*'; } else { $columnsToDisplay = $_POST['columnsToDisplay']; $quotedColumns = [];@@ -90,9 +90,12 @@ // If there are no search criteria set or no unary criteria operators, // return if (- ! isset($_POST['criteriaValues'])- && ! isset($_POST['criteriaColumnOperators'])- && ! isset($_POST['geom_func'])+ ! isset($_POST['criteriaColumnOperators'])+ || (+ ! isset($_POST['criteriaValues'])+ && ! isset($_POST['criteriaColumnOperators'])+ && ! isset($_POST['geom_func'])+ ) ) { return ''; }
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: not sure
[Potential SQL Injection] [File: libraries/classes/Table/Search.php] [Lines: 50-90]
[Old Code]
if (isset($_POST['zoom_submit']) || ! empty($_POST['displayAllColumns'])) {
$sql_query .= '* ';
} else {
$columnsToDisplay = $_POST['columnsToDisplay'];
$quotedColumns = [];
}
[Fixed Code]
if (isset($_POST['zoom_submit']) || ! empty($_POST['displayAllColumns'])) {
$sql_query .= '*';
} else {
$columnsToDisplay = $_POST['columnsToDisplay'];
$quotedColumns = [];
}
Additional Details: The change removes a space after the asterisk, which doesn't appear to be security-related. However, the code uses $_POST variables directly in SQL construction without visible sanitization, which could potentially lead to SQL injection if not handled elsewhere.
2. Vulnerability Existed: yes
[Improper Input Validation] [File: libraries/classes/Table/Search.php] [Lines: 90-98]
[Old Code]
if (
! isset($_POST['criteriaValues'])
&& ! isset($_POST['criteriaColumnOperators'])
&& ! isset($_POST['geom_func'])
) {
return '';
}
[Fixed Code]
if (
! isset($_POST['criteriaColumnOperators'])
|| (
! isset($_POST['criteriaValues'])
&& ! isset($_POST['criteriaColumnOperators'])
&& ! isset($_POST['geom_func'])
)
) {
return '';
}
Additional Details: The condition logic was changed to be more strict, requiring either criteriaColumnOperators to be set OR all three conditions to be unset. This appears to be a fix for improper input validation that could have allowed certain requests to bypass validation checks.
Note: While these changes appear to be security-related improvements, without more context about the complete input handling and sanitization process, we can't be certain about the exact vulnerabilities being addressed. The changes do suggest the developers were tightening input validation and potentially preventing certain types of injection attacks.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/selenium/NormalizationTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/selenium/NormalizationTest.php@@ -43,19 +43,15 @@ */ public function testNormalizationTo1NF(): void {- $this->assertTrue(- $this->isElementPresent('cssSelector', 'fieldset')- );- $this->assertEquals(+ self::assertTrue($this->isElementPresent('cssSelector', 'fieldset'));+ self::assertEquals( 'First step of normalization (1NF)', $this->byCssSelector('label[for=normalizeToRadio1]')->getText() );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- 'input[id=normalizeToRadio1][type=radio]:checked'- )- );+ self::assertTrue($this->isElementPresent(+ 'cssSelector',+ 'input[id=normalizeToRadio1][type=radio]:checked'+ )); $this->byCssSelector('input[name=submit_normalize]')->click(); $this->waitForElement('id', 'mainContent'); $this->assert1NFSteps();@@ -66,46 +62,16 @@ */ private function assert1NFSteps(): void {- $this->assertEquals(+ self::assertEquals( 'First step of normalization (1NF)', $this->byCssSelector('#page_content h3')->getText() );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#mainContent h4'- )- );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#mainContent #newCols'- )- );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '.tblFooters'- )- );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#selectNonAtomicCol option[value=val2]'- )- );- $this->assertFalse(- $this->isElementPresent(- 'cssSelector',- '#selectNonAtomicCol option[value=val]'- )- );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#selectNonAtomicCol option[value=no_such_col]'- )- );+ self::assertTrue($this->isElementPresent('cssSelector', '#mainContent h4'));+ self::assertTrue($this->isElementPresent('cssSelector', '#mainContent #newCols'));+ self::assertTrue($this->isElementPresent('cssSelector', '.tblFooters'));+ self::assertTrue($this->isElementPresent('cssSelector', '#selectNonAtomicCol option[value=val2]'));+ self::assertFalse($this->isElementPresent('cssSelector', '#selectNonAtomicCol option[value=val]'));+ self::assertTrue($this->isElementPresent('cssSelector', '#selectNonAtomicCol option[value=no_such_col]')); $this->selectByValue( $this->byId('selectNonAtomicCol'),@@ -114,32 +80,17 @@ $this->waitForElement('xpath', "//legend[contains(., 'Step 1.2 Have a primary key')]"); $text = $this->byCssSelector('#mainContent h4')->getText();- $this->assertStringContainsString('Primary key already exists.', $text);+ self::assertStringContainsString('Primary key already exists.', $text); $this->waitForElement('xpath', "//legend[contains(., 'Step 1.3 Move repeating groups')]"); $this->byCssSelector('input[value="No repeating group"]')->click(); $this->waitForElement('xpath', "//legend[contains(., 'Step 1.4 Remove redundant columns')]");- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#mainContent #extra'- )- );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#extra input[value=val2][type=checkbox]'- )- );- $this->assertTrue(- $this->isElementPresent(- 'cssSelector',- '#extra input[value=id][type=checkbox]'- )- );+ self::assertTrue($this->isElementPresent('cssSelector', '#mainContent #extra'));+ self::assertTrue($this->isElementPresent('cssSelector', '#extra input[value=val2][type=checkbox]'));+ self::assertTrue($this->isElementPresent('cssSelector', '#extra input[value=id][type=checkbox]')); $this->byCssSelector('#extra input[value=val][type=checkbox]')->click(); $this->byCssSelector('#removeRedundant')->click(); $this->waitForElement('xpath', "//legend[contains(., 'End of step')]");- $this->assertStringContainsString(+ self::assertStringContainsString( "The first step of normalization is complete for table 'test_table'.", $this->byCssSelector('#mainContent h4')->getText() );
After analyzing the provided code diff, I don't see any security-related fixes. The changes appear to be primarily code style improvements and test assertion modifications. Here's the analysis: 1. Vulnerability Existed: no Code Style Improvements [File] [Lines 43-80] [Old Code] - Various assertions using $this->assert*() [Fixed Code] - Changed to use self::assert*() consistently 2. Vulnerability Existed: no Test Code Refactoring [File] [Lines 43-80] [Old Code] - Multi-line assertion statements [Fixed Code] - More compact assertion statements with the same functionality The changes are focused on: 1. Changing assertion method calls from instance ($this->) to static (self::) calls 2. Formatting improvements (removing unnecessary parentheses and line breaks) 3. No changes to actual security-related functionality or input handling No security vulnerabilities were identified in this diff as it's purely test code refactoring with no impact on production code or security mechanisms.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/FooterTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/FooterTest.php@@ -7,6 +7,7 @@ use ArrayIterator; use PhpMyAdmin\ErrorHandler; use PhpMyAdmin\Footer;+use ReflectionProperty; use function json_encode;@@ -79,11 +80,8 @@ ], ];- $this->assertEquals(- '{"queries":[{"count":1,"time":0.2,"query":"SELECT * FROM `pma_bookmark` WHERE 1"},'- . '{"count":1,"time":2.5,"query":"SELECT * FROM `db` WHERE 1"}]}',- $this->object->getDebugMessage()- );+ self::assertSame('{"queries":[{"count":1,"time":0.2,"query":"SELECT * FROM `pma_bookmark` WHERE 1"},'+ . '{"count":1,"time":2.5,"query":"SELECT * FROM `db` WHERE 1"}]}', $this->object->getDebugMessage()); } /**@@ -97,7 +95,7 @@ $object->child->parent = $object; $this->callFunction($this->object, Footer::class, 'removeRecursion', [&$object]);- $this->assertEquals(+ self::assertSame( '{"child":{"parent":"***RECURSION***"},"childIterator":"***ITERATOR***"}', json_encode($object) );@@ -110,23 +108,14 @@ { $footer = new Footer(); $footer->disable();- $this->assertEquals(- '',- $footer->getDisplay()- );+ self::assertSame('', $footer->getDisplay()); }- /**- * Test for footer when ajax enabled- */- public function testAjax(): void+ public function testGetDisplayWhenAjaxIsEnabled(): void { $footer = new Footer(); $footer->setAjax(true);- $this->assertEquals(- '',- $footer->getDisplay()- );+ self::assertSame('', $footer->getDisplay()); } /**@@ -135,7 +124,7 @@ public function testGetScripts(): void { $footer = new Footer();- $this->assertStringContainsString(+ self::assertStringContainsString( '<script data-cfasync="false" type="text/javascript">', $footer->getScripts()->getDisplay() );@@ -149,10 +138,7 @@ public function testDisplay(): void { $footer = new Footer();- $this->assertStringContainsString(- 'Open new phpMyAdmin window',- $footer->getDisplay()- );+ self::assertStringContainsString('Open new phpMyAdmin window', $footer->getDisplay()); } /**@@ -162,9 +148,19 @@ { $footer = new Footer(); $footer->setMinimal();- $this->assertEquals(- " </div>\n </body>\n</html>\n",- $footer->getDisplay()- );+ self::assertSame(" </div>\n </body>\n</html>\n", $footer->getDisplay());+ }++ public function testSetAjax(): void+ {+ $isAjax = new ReflectionProperty(Footer::class, 'isAjax');+ $isAjax->setAccessible(true);+ $footer = new Footer();++ self::assertFalse($isAjax->getValue($footer));+ $footer->setAjax(true);+ self::assertTrue($isAjax->getValue($footer));+ $footer->setAjax(false);+ self::assertFalse($isAjax->getValue($footer)); } }
After analyzing the provided code diff, I don't find any security-related fixes. The changes appear to be primarily test improvements and code quality enhancements. Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerabilities found in the diff. The changes include: 1. Added ReflectionProperty import 2. Changed assertEquals to assertSame for more strict comparisons 3. Renamed testAjax to testGetDisplayWhenAjaxIsEnabled for clarity 4. Added new testSetAjax method for better test coverage 5. Minor formatting improvements The changes are focused on test quality and maintainability rather than security fixes. The test assertions were made more strict (assertEquals → assertSame) which improves test reliability but doesn't address any security issues.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.