Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/js/src/designer/move.js
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/js/src/designer/move.js
@@ -1960,16 +1960,16 @@
 };
 DesignerMove.enablePageContentEvents = function () {
- $('#page_content').off('mousedown');
- $('#page_content').off('mouseup');
- $('#page_content').off('mousemove');
- $('#page_content').on('mousedown', function (e) {
+ $(document).off('mousedown');
+ $(document).off('mouseup');
+ $(document).off('mousemove');
+ $(document).on('mousedown', function (e) {
 DesignerMove.mouseDown(e);
 });
- $('#page_content').on('mouseup', function (e) {
+ $(document).on('mouseup', function (e) {
 DesignerMove.mouseUp(e);
 });
- $('#page_content').on('mousemove', function (e) {
+ $(document).on('mousemove', function (e) {
 DesignerMove.mouseMove(e);
 });
 };
@@ -2068,9 +2068,9 @@
 $('#cancel_close_option').off('click');
 $('#ok_new_rel_panel').off('click');
 $('#cancel_new_rel_panel').off('click');
- $('#page_content').off('mouseup');
- $('#page_content').off('mousedown');
- $('#page_content').off('mousemove');
+ $(document).off('mouseup');
+ $(document).off('mousedown');
+ $(document).off('mousemove');
 });
 AJAX.registerOnload('designer/move.js', function () {
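Review bot: `$(document).off('mousedown')` in enablePageContentEvents, and the matching teardown in the @@ -2068 hunk, now removes every mousedown/mouseup/mousemove handler that any other module has bound on the document, not only the designer's; the old `#page_content` scoping at least confined that side effect. jQuery event namespaces keep the teardown local without changing what the designer receives: `$(document).off('mousedown.designer').on('mousedown.designer', function (e) { DesignerMove.mouseDown(e); });` for each of the three events, and `$(document).off('mousedown.designer');` (likewise mouseup/mousemove) in the @@ -2068 block. Because the handlers now fire for the whole page, mouseDown/mouseUp/mouseMove should tolerate event targets outside the designer canvas; whether they already do is not visible here. The callback containing the @@ -2068 lines starts outside the hunk.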
Analyzing the provided code diff for security fixes: 1. Vulnerability Existed: not sure Event Listener Scope Change [File] [js/src/designer/move.js] [Lines 1960-1973, 2068-2070] [Old Code] $('#page_content').off('mousedown'); $('#page_content').off('mouseup'); $('#page_content').off('mousemove'); $('#page_content').on('mousedown', function (e) { DesignerMove.mouseDown(e); }); $('#page_content').on('mouseup', function (e) { DesignerMove.mouseUp(e); }); $('#page_content').on('mousemove', function (e) { DesignerMove.mouseMove(e); }); [Fixed Code] $(document).off('mousedown'); $(document).off('mouseup'); $(document).off('mousemove'); $(document).on('mousedown', function (e) { DesignerMove.mouseDown(e); }); $(document).on('mouseup', function (e) { DesignerMove.mouseUp(e); }); $(document).on('mousemove', function (e) { DesignerMove.mouseMove(e); }); Additional Details: The change modifies the scope of event listeners from '#page_content' to 'document'. While this isn't clearly a security fix, it could potentially relate to: 1. Preventing event handling issues if '#page_content' is manipulated 2. Ensuring consistent behavior across the document 3. Possibly fixing a race condition in event handling However, without more context about the application's security requirements or previous issues, I can't definitively say this was a security fix. The change appears more architectural than security-focused.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Export/ExportExcelTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Export/ExportExcelTest.php
@@ -56,121 +56,73 @@
 $attrProperties->setAccessible(true);
 $properties = $attrProperties->getValue($this->object);
- $this->assertInstanceOf(ExportPluginProperties::class, $properties);
+ self::assertInstanceOf(ExportPluginProperties::class, $properties);
- $this->assertEquals(
- 'CSV for MS Excel',
- $properties->getText()
- );
+ self::assertSame('CSV for MS Excel', $properties->getText());
- $this->assertEquals(
- 'csv',
- $properties->getExtension()
- );
+ self::assertSame('csv', $properties->getExtension());
- $this->assertEquals(
- 'text/comma-separated-values',
- $properties->getMimeType()
- );
+ self::assertSame('text/comma-separated-values', $properties->getMimeType());
- $this->assertEquals(
- 'Options',
- $properties->getOptionsText()
- );
+ self::assertSame('Options', $properties->getOptionsText());
 $options = $properties->getOptions();
- $this->assertInstanceOf(OptionsPropertyRootGroup::class, $options);
+ self::assertInstanceOf(OptionsPropertyRootGroup::class, $options);
- $this->assertEquals(
- 'Format Specific Options',
- $options->getName()
- );
+ self::assertSame('Format Specific Options', $options->getName());
 $generalOptionsArray = $options->getProperties();
 $generalOptions = $generalOptionsArray[0];
- $this->assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);
+ self::assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);
- $this->assertEquals(
- 'general_opts',
- $generalOptions->getName()
- );
+ self::assertSame('general_opts', $generalOptions->getName());
 $generalProperties = $generalOptions->getProperties();
 $property = array_shift($generalProperties);
- $this->assertInstanceOf(TextPropertyItem::class, $property);
+ self::assertInstanceOf(TextPropertyItem::class, $property);
- $this->assertEquals(
- 'null',
- $property->getName()
- );
+ self::assertSame('null', $property->getName());
- $this->assertEquals(
- 'Replace NULL with:',
- $property->getText()
- );
+ self::assertSame('Replace NULL with:', $property->getText());
 $property = array_shift($generalProperties);
- $this->assertInstanceOf(BoolPropertyItem::class, $property);
+ self::assertInstanceOf(BoolPropertyItem::class, $property);
- $this->assertEquals(
- 'removeCRLF',
- $property->getName()
- );
+ self::assertSame('removeCRLF', $property->getName());
- $this->assertEquals(
- 'Remove carriage return/line feed characters within columns',
- $property->getText()
- );
+ self::assertSame('Remove carriage return/line feed characters within columns', $property->getText());
 $property = array_shift($generalProperties);
- $this->assertInstanceOf(BoolPropertyItem::class, $property);
+ self::assertInstanceOf(BoolPropertyItem::class, $property);
- $this->assertEquals(
- 'columns',
- $property->getName()
- );
+ self::assertSame('columns', $property->getName());
- $this->assertEquals(
- 'Put columns names in the first row',
- $property->getText()
- );
+ self::assertSame('Put columns names in the first row', $property->getText());
 $property = array_shift($generalProperties);
- $this->assertInstanceOf(SelectPropertyItem::class, $property);
+ self::assertInstanceOf(SelectPropertyItem::class, $property);
- $this->assertEquals(
- 'edition',
- $property->getName()
- );
+ self::assertSame('edition', $property->getName());
- $this->assertEquals(
- [
- 'win' => 'Windows',
- 'mac_excel2003' => 'Excel 2003 / Macintosh',
- 'mac_excel2008' => 'Excel 2008 / Macintosh',
- ],
- $property->getValues()
- );
+ self::assertSame([
+ 'win' => 'Windows',
+ 'mac_excel2003' => 'Excel 2003 / Macintosh',
+ 'mac_excel2008' => 'Excel 2008 / Macintosh',
+ ], $property->getValues());
- $this->assertEquals(
- 'Excel edition:',
- $property->getText()
- );
+ self::assertSame('Excel edition:', $property->getText());
 $property = array_shift($generalProperties);
- $this->assertInstanceOf(HiddenPropertyItem::class, $property);
+ self::assertInstanceOf(HiddenPropertyItem::class, $property);
- $this->assertEquals(
- 'structure_or_data',
- $property->getName()
- );
+ self::assertSame('structure_or_data', $property->getName());
 }
 }
After analyzing the provided code diff, I can conclude that this is a test file modification that doesn't contain any security fixes. The changes are purely related to test assertions and code style improvements. Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerability found [test/classes/Plugins/Export/ExportExcelTest.php] [Lines 56-121 vs 56-73] [Old Code] Various assertions using $this->assertEquals() and $this->assertInstanceOf() [Fixed Code] Same assertions converted to use self::assertSame() and self::assertInstanceOf() The changes made: 1. Changed assertion methods from instance-based ($this->) to static (self::) calls 2. Replaced assertEquals() with assertSame() where appropriate 3. Simplified array assertion formatting 4. Made the code more concise by removing unnecessary line breaks These are all test quality improvements rather than security fixes. The tests still exercise the same behaviour, but the assertions are now stricter (assertSame() compares type as well as value, whereas assertEquals() allows loose comparison) and the code structure is cleaner. No security vulnerabilities were identified in this diff. The changes appear to be part of routine test maintenance and code quality improvements.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Properties/Plugins/ExportPluginPropertiesTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Properties/Plugins/ExportPluginPropertiesTest.php
@@ -34,10 +34,7 @@
 public function testGetItemType(): void
 {
- $this->assertEquals(
- 'export',
- $this->object->getItemType()
- );
+ self::assertSame('export', $this->object->getItemType());
 }
 /**
@@ -49,8 +46,6 @@
 {
 $this->object->setForceFile(true);
- $this->assertTrue(
- $this->object->getForceFile()
- );
+ self::assertTrue($this->object->getForceFile());
 }
 }
After analyzing the provided code diff, I don't see any security-related changes. The changes appear to be test code improvements, switching from `assertEquals` to `assertSame` and removing unnecessary line breaks in test assertions. These are stylistic/quality improvements rather than security fixes. Here's the structured response: Vulnerability Existed: no No security vulnerability found File: test/classes/Properties/Plugins/ExportPluginPropertiesTest.php [Old Code] $this->assertEquals( 'export', $this->object->getItemType() ); [Fixed Code] self::assertSame('export', $this->object->getItemType()); Vulnerability Existed: no No security vulnerability found File: test/classes/Properties/Plugins/ExportPluginPropertiesTest.php [Old Code] $this->assertTrue( $this->object->getForceFile() ); [Fixed Code] self::assertTrue($this->object->getForceFile()); The changes are purely related to test code quality and don't indicate any security fixes. The modifications involve: 1. Switching from `assertEquals` to the stricter `assertSame` 2. Removing unnecessary line breaks in test assertions 3. Changing `$this->` to `self::` for static method calls
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Stubs/DbiDummy.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Stubs/DbiDummy.php
@@ -50,9 +50,9 @@
 * @var array
 * @phpstan-var array{
 * 'query': string,
- * 'result': ((int[]|string[]|array{string: string})[])|bool|bool[]|empty-array,
+ * 'result': list<array<string|float|int|null>>|array{true}|bool,
 * 'columns'?: string[],
- * 'metadata'?: object[]|empty-array,
+ * 'metadata'?: object[],
 * 'used'?: bool,
 * 'pos'?: int
 * }[]
@@ -72,9 +72,9 @@
 * @var array
 * @phpstan-var array{
 * 'query': string,
- * 'result': ((int[]|string[]|array{string: string})[])|bool|bool[]|empty-array,
+ * 'result': list<array<string|float|int|null>>|bool,
 * 'columns'?: string[],
- * 'metadata'?: object[]|empty-array,
+ * 'metadata'?: object[],
 * 'pos'?: int
 * }[]
 */
@@ -132,7 +132,7 @@
 return true;
 }
- Assert::markTestIncomplete('Non expected select of database: ' . $databaseName);
+ Assert::fail('Non expected select of database: ' . $databaseName);
 }
 public function hasUnUsedErrors(): bool
@@ -226,7 +226,7 @@
 return new DummyResult($this, $i + self::OFFSET_GLOBAL);
 }
- Assert::markTestIncomplete('Not supported query: ' . $query);
+ Assert::fail('Not supported query: ' . $query);
 }
 /**
@@ -493,7 +493,7 @@
 * @param array|bool $result Expected result
 * @param string[] $columns The result columns
 * @param object[] $metadata The result metadata
- * @phpstan-param array<int, array<int, array{string: string}|bool|int|string|null>|bool>|bool $result
+ * @phpstan-param list<array<string|float|int|null>>|array{true}|bool $result
 */
 public function addResult(string $query, $result, array $columns = [], array $metadata = []): void
 {
@@ -582,7 +582,9 @@
 [
 'query' => 'SELECT 1 FROM `INFORMATION_SCHEMA`.`USER_PRIVILEGES`'
 . " WHERE `PRIVILEGE_TYPE` = 'CREATE USER'"
- . " AND '''pma_test''@''localhost''' LIKE `GRANTEE` LIMIT 1",
+ . " AND '''pma_test''@''localhost''' LIKE `GRANTEE`"
+ . " UNION SELECT 1 FROM mysql.user WHERE `create_user_priv` = 'Y' COLLATE utf8mb4_general_ci"
+ . " AND 'pma_test' LIKE `User` AND '' LIKE `Host` LIMIT 1",
 'result' => [['1']],
 ],
 [
@@ -595,11 +597,13 @@
 . ' UNION SELECT `GRANTEE`, `IS_GRANTABLE`'
 . ' FROM `INFORMATION_SCHEMA`.`USER_PRIVILEGES`) t'
 . " WHERE `IS_GRANTABLE` = 'YES'"
- . " AND '''pma_test''@''localhost''' LIKE `GRANTEE` LIMIT 1",
+ . " AND '''pma_test''@''localhost''' LIKE `GRANTEE`"
+ . " UNION SELECT 1 FROM mysql.user WHERE `create_user_priv` = 'Y' COLLATE utf8mb4_general_ci"
+ . " AND 'pma_test' LIKE `User` AND '' LIKE `Host` LIMIT 1",
 'result' => [['1']],
 ],
 [
- 'query' => 'SHOW MASTER LOGS',
+ 'query' => 'SHOW BINARY LOGS',
 'result' => [
 [
 'Log_name' => 'index1',
@@ -1182,152 +1186,45 @@
 ],
 'result' => [
 [
- 'def',
- 'smash',
- 'issues_issue',
+ 'ref',
+ 'pma_test',
+ 'table1',
 'BASE TABLE',
- 'InnoDB',
- '10',
- 'Compact',
- '9136',
- '862',
- '7880704',
- '0',
- '1032192',
- '420478976',
- '155862',
- '2012-08-29 13:28:28',
- 'NULL',
- 'NULL',
- 'utf8_general_ci',
- 'NULL',
- '',
- '',
- 'smash',
- 'issues_issue',
- 'BASE TABLE',
- 'InnoDB',
- 'InnoDB',
- '10',
- 'Compact',
- '9136',
- '862',
- '7880704',
- '0',
- '1032192',
- '420478976',
- '155862',
- '2012-08-29 13:28:28',
- 'NULL',
- 'NULL',
- 'utf8_general_ci',
- 'NULL',
- ],
- ],
- ],
- [
- 'query' => 'SELECT *, `TABLE_SCHEMA` AS `Db`, `TABLE_NAME` AS `Name`,'
- . ' `TABLE_TYPE` AS `TABLE_TYPE`, `ENGINE` AS `Engine`,'
- . ' `ENGINE` AS `Type`, `VERSION` AS `Version`,'
- . ' `ROW_FORMAT` AS `Row_format`, `TABLE_ROWS` AS `Rows`,'
- . ' `AVG_ROW_LENGTH` AS `Avg_row_length`,'
- . ' `DATA_LENGTH` AS `Data_length`,'
- . ' `MAX_DATA_LENGTH` AS `Max_data_length`,'
- . ' `INDEX_LENGTH` AS `Index_length`, `DATA_FREE` AS `Data_free`,'
- . ' `AUTO_INCREMENT` AS `Auto_increment`,'
- . ' `CREATE_TIME` AS `Create_time`, `UPDATE_TIME` AS `Update_time`,'
- . ' `CHECK_TIME` AS `Check_time`, `TABLE_COLLATION` AS `Collation`,'
- . ' `CHECKSUM` AS `Checksum`, `CREATE_OPTIONS` AS `Create_options`,'
- . ' `TABLE_COMMENT` AS `Comment`'
- . ' FROM `information_schema`.`TABLES` t'
- . ' WHERE `TABLE_SCHEMA` IN (\'pma_test\')'
- . ' AND t.`TABLE_NAME` = \'table1\' ORDER BY Name ASC',
- 'columns' => [
- 'TABLE_CATALOG',
- 'TABLE_SCHEMA',
- 'TABLE_NAME',
- 'TABLE_TYPE',
- 'ENGINE',
- 'VERSION',
- 'ROW_FORMAT',
- 'TABLE_ROWS',
- 'AVG_ROW_LENGTH',
- 'DATA_LENGTH',
- 'MAX_DATA_LENGTH',
- 'INDEX_LENGTH',
- 'DATA_FREE',
- 'AUTO_INCREMENT',
- 'CREATE_TIME',
- 'UPDATE_TIME',
- 'CHECK_TIME',
- 'TABLE_COLLATION',
- 'CHECKSUM',
- 'CREATE_OPTIONS',
- 'TABLE_COMMENT',
- 'Db',
- 'Name',
- 'TABLE_TYPE',
- 'Engine',
- 'Type',
- 'Version',
- 'Row_format',
- 'Rows',
- 'Avg_row_length',
- 'Data_length',
- 'Max_data_length',
- 'Index_length',
- 'Data_free',
- 'Auto_increment',
- 'Create_time',
- 'Update_time',
- 'Check_time',
- 'Collation',
- 'Checksum',
- 'Create_options',
- 'Comment',
- ],
- 'result' => [
- [
- 'def',
- 'smash',
- 'issues_issue',
- 'BASE TABLE',
- 'InnoDB',
- '10',
- 'Compact',
- '9136',
- '862',
- '7880704',
- '0',
- '1032192',
- '420478976',
- '155862',
- '2012-08-29 13:28:28',
- 'NULL',
- 'NULL',
- 'utf8_general_ci',
- 'NULL',
- '',
- '',
- 'smash',
- 'issues_issue',
- 'BASE TABLE',
- 'InnoDB',
- 'InnoDB',
- '10',
- 'Compact',
- '9136',
- '862',
- '7880704',
- '0',
- '1032192',
- '420478976',
- '155862',
- '2012-08-29 13:28:28',
- 'NULL',
- 'NULL',
- 'utf8_general_ci',
- 'NULL',
+ 'DBIdummy',
+ '11',
+ 'Redundant',
+ '123456',
+ '42',
+ '21708991',
+ '281474976710655',// MyISAM
+ '2048',// MyISAM
+ '2547',
+ '5',
+ '2014-06-24 17:30:00',
+ '2018-06-25 18:35:12',
+ '2015-04-24 19:30:59',
+ 'utf8mb4_general_ci',
+ '3844432963',
+ 'row_format=REDUNDANT',
+ 'Test comment for "table1" in \'pma_test\'',
+ 'table1',
+ 'DBIdummy',
+ '11',
+ 'Redundant',
+ '123456',
+ '42',
+ '21708991',
+ '281474976710655',// MyISAM
+ '2048',// MyISAM
+ '2547',
+ '5',
+ '2014-06-24 17:30:00',
+ '2018-06-25 18:35:12',
+ '2015-04-24 19:30:59',
+ 'utf8mb4_general_ci',
+ '3844432963',
+ 'row_format=REDUNDANT',
+ 'Test comment for "table1" in \'pma_test\'',
 ],
 ],
 ],
@@ -1769,44 +1666,7 @@
 ],
 [
 'query' => "SHOW TABLE STATUS FROM `my_dataset` WHERE `Name` LIKE 'company\\\\_users%'",
- 'result' => [],
- ],
- [
- 'query' => 'SELECT *, `TABLE_SCHEMA` AS `Db`, `TABLE_NAME` AS `Name`,'
- . ' `TABLE_TYPE` AS `TABLE_TYPE`, `ENGINE` AS `Engine`,'
- . ' `ENGINE` AS `Type`, `VERSION` AS `Version`, `ROW_FORMAT` AS `Row_format`,'
- . ' `TABLE_ROWS` AS `Rows`, `AVG_ROW_LENGTH` AS `Avg_row_length`,'
- . ' `DATA_LENGTH` AS `Data_length`, `MAX_DATA_LENGTH` AS `Max_data_length`,'
- . ' `INDEX_LENGTH` AS `Index_length`, `DATA_FREE` AS `Data_free`,'
- . ' `AUTO_INCREMENT` AS `Auto_increment`, `CREATE_TIME` AS `Create_time`,'
- . ' `UPDATE_TIME` AS `Update_time`, `CHECK_TIME` AS `Check_time`,'
- . ' `TABLE_COLLATION` AS `Collation`, `CHECKSUM` AS `Checksum`,'
- . ' `CREATE_OPTIONS` AS `Create_options`, `TABLE_COMMENT` AS `Comment`'
- . " FROM `information_schema`.`TABLES` t WHERE `TABLE_SCHEMA` IN ('table1')"
- . " AND t.`TABLE_NAME` = 'pma_test' ORDER BY Name ASC",
 'columns' => [
- 'TABLE_CATALOG',
- 'TABLE_SCHEMA',
- 'TABLE_NAME',
- 'TABLE_TYPE',
- 'ENGINE',
- 'VERSION',
- 'ROW_FORMAT',
- 'TABLE_ROWS',
- 'AVG_ROW_LENGTH',
- 'DATA_LENGTH',
- 'MAX_DATA_LENGTH',
- 'INDEX_LENGTH',
- 'DATA_FREE',
- 'AUTO_INCREMENT',
- 'CREATE_TIME',
- 'UPDATE_TIME',
- 'CHECK_TIME',
- 'TABLE_COLLATION',
- 'CHECKSUM',
- 'CREATE_OPTIONS',
- 'TABLE_COMMENT',
- 'Db',
 'Name',
 'TABLE_TYPE',
 'Engine',
@@ -1830,16 +1690,13 @@
 ],
 'result' => [
 [
- 'ref',
- 'pma_test',
- 'table1',
- 'BASE TABLE',
+ 'company_users',
 'DBIdummy',
 '11',
 'Redundant',
 '123456',
 '42',
- '21708991',
+ '18',
 '281474976710655',// MyISAM
 '2048',// MyISAM
 '2547',
@@ -1850,25 +1707,7 @@
 'utf8mb4_general_ci',
 '3844432963',
 'row_format=REDUNDANT',
- 'Test comment for "table1" in \'pma_test\'',
- 'table1',
- 'DBIdummy',
- '11',
- 'Redundant',
- '123456',
- '42',
- '21708991',
- '281474976710655',// MyISAM
- '2048',// MyISAM
- '2547',
- '5',
- '2014-06-24 17:30:00',
- '2018-06-25 18:35:12',
- '2015-04-24 19:30:59',
- 'utf8mb4_general_ci',
- '3844432963',
- 'row_format=REDUNDANT',
- 'Test comment for "table1" in \'pma_test\'',
+ 'Test comment for "company_users" in \'my_dataset\'',
 ],
 ],
 ],
@@ -2394,16 +2233,6 @@
 'result' => [['PMA_table', 'InnoDB']],
 ],
 [
- 'query' => 'SELECT `id` FROM `table_1` WHERE `id` > 10 AND (`id` <> 20)',
- 'columns' => ['id'],
- 'result' => [['11'], ['12']],
- ],
- [
- 'query' => 'SELECT * FROM `table_1` WHERE `id` > 10',
- 'columns' => ['column'],
- 'result' => [['row1'], ['row2']],
- ],
- [
 'query' => 'SELECT * FROM `PMA`.`table_1` LIMIT 1',
 'columns' => ['column'],
 'result' => [['table']],
@@ -2416,14 +2245,14 @@
 [
 'query' => 'SELECT `ENGINE` FROM `information_schema`.`tables` WHERE `table_name` = "table_1"'
 . ' AND `table_schema` = "PMA" AND UPPER(`engine`)'
- . ' IN ("INNODB", "FALCON", "NDB", "INFINIDB", "TOKUDB", "XTRADB", "SEQUENCE", "BDB")',
+ . ' IN ("INNODB", "FALCON", "NDB", "INFINIDB", "TOKUDB", "XTRADB", "SEQUENCE", "BDB", "ROCKSDB")',
 'columns' => ['ENGINE'],
 'result' => [['INNODB']],
 ],
 [
 'query' => 'SELECT `ENGINE` FROM `information_schema`.`tables` WHERE `table_name` = "table_2"'
 . ' AND `table_schema` = "PMA" AND UPPER(`engine`)'
- . ' IN ("INNODB", "FALCON", "NDB", "INFINIDB", "TOKUDB", "XTRADB", "SEQUENCE", "BDB")',
+ . ' IN ("INNODB", "FALCON", "NDB", "INFINIDB", "TOKUDB", "XTRADB", "SEQUENCE", "BDB", "ROCKSDB")',
 'columns' => ['ENGINE'],
 'result' => [['INNODB']],
 ],
@@ -2670,8 +2499,8 @@
 'result' => [],
 ],
 [
- 'query' => 'SELECT * FROM `information_schema`.`bookmark` WHERE dbase = \'my_db\''
- . ' AND (user = \'user\') AND `label` = \'test_tbl\' LIMIT 1',
+ 'query' => 'SELECT * FROM `information_schema`.`bookmark` WHERE `label` = \'test_tbl\''
+ . ' AND dbase = \'my_db\' AND (user = \'user\') LIMIT 1',
 'result' => [],
 ],
 [
@@ -2737,7 +2566,7 @@
 [
 'query' => 'SELECT * FROM `pmadb`.`usergroups` ORDER BY `usergroup` ASC',
 'columns' => ['usergroup', 'tab', 'allowed'],
- 'result' => [['usergroup', 'server_sql', 'Y']],
+ 'result' => [['user<br>group', 'server_sql', 'Y']],
 ],
 [
 'query' => 'DESCRIBE `test_table`',
@@ -2759,17 +2588,17 @@
 'result' => [['hostname', 'username', 'password']],
 ],
 [
- 'query' => 'SELECT COUNT(*) FROM (SELECT * FROM company_users WHERE not_working_count != 0 ) as cnt',
+ 'query' => 'SELECT COUNT(*) FROM (SELECT 1 FROM company_users WHERE not_working_count != 0 ) as cnt',
 'result' => false,
 ],
 [
- 'query' => 'SELECT COUNT(*) FROM (SELECT * FROM company_users ) as cnt',
+ 'query' => 'SELECT COUNT(*) FROM (SELECT 1 FROM company_users ) as cnt',
 'result' => [
 [4],
 ],
 ],
 [
- 'query' => 'SELECT COUNT(*) FROM (SELECT * FROM company_users WHERE working_count = 0 ) as cnt',
+ 'query' => 'SELECT COUNT(*) FROM (SELECT 1 FROM company_users WHERE working_count = 0 ) as cnt',
 'result' => [
 [15],
 ],
@@ -2782,8 +2611,8 @@
 ],
 [
 'query' => 'SELECT COUNT(*) FROM ('
- . 'SELECT *, 1, (SELECT COUNT(*) FROM tbl1) as c1, '
- . '(SELECT 1 FROM tbl2) as c2 FROM company_users WHERE subquery_case = 0 ) as cnt',
+ . 'SELECT *, 1, (SELECT COUNT(*) FROM tbl1) AS `c1`, '
+ . '(SELECT 1 FROM tbl2) AS `c2` FROM company_users WHERE subquery_case = 0 ) as cnt',
 'result' => [
 [42],
 ],
@@ -2991,7 +2820,114 @@
 ],
 ],
 [
- 'query' => 'SHOW TABLE STATUS FROM `world`',
+ 'query' => 'SELECT *, `TABLE_SCHEMA` AS `Db`, `TABLE_NAME` AS `Name`,'
+ . ' `TABLE_TYPE` AS `TABLE_TYPE`, `ENGINE` AS `Engine`, `ENGINE` AS `Type`,'
+ . ' `VERSION` AS `Version`, `ROW_FORMAT` AS `Row_format`, `TABLE_ROWS` AS `Rows`,'
+ . ' `AVG_ROW_LENGTH` AS `Avg_row_length`, `DATA_LENGTH` AS `Data_length`,'
+ . ' `MAX_DATA_LENGTH` AS `Max_data_length`, `INDEX_LENGTH` AS `Index_length`,'
+ . ' `DATA_FREE` AS `Data_free`, `AUTO_INCREMENT` AS `Auto_increment`,'
+ . ' `CREATE_TIME` AS `Create_time`, `UPDATE_TIME` AS `Update_time`,'
+ . ' `CHECK_TIME` AS `Check_time`, `TABLE_COLLATION` AS `Collation`,'
+ . ' `CHECKSUM` AS `Checksum`, `CREATE_OPTIONS` AS `Create_options`,'
+ . ' `TABLE_COMMENT` AS `Comment` FROM `information_schema`.`TABLES` t'
+ . ' WHERE `TABLE_SCHEMA` IN (\'test_db\') AND t.`TABLE_NAME` IN (\'test_table\') ORDER BY Name ASC',
+ 'columns' => [
+ 'TABLE_CATALOG',
+ 'TABLE_SCHEMA',
+ 'TABLE_NAME',
+ 'TABLE_TYPE',
+ 'ENGINE',
+ 'VERSION',
+ 'ROW_FORMAT',
+ 'TABLE_ROWS',
+ 'AVG_ROW_LENGTH',
+ 'DATA_LENGTH',
+ 'MAX_DATA_LENGTH',
+ 'INDEX_LENGTH',
+ 'DATA_FREE',
+ 'AUTO_INCREMENT',
+ 'CREATE_TIME',
+ 'UPDATE_TIME',
+ 'CHECK_TIME',
+ 'TABLE_COLLATION',
+ 'CHECKSUM',
+ 'CREATE_OPTIONS',
+ 'TABLE_COMMENT',
+ 'MAX_INDEX_LENGTH',
+ 'TEMPORARY',
+ 'Db',
+ 'Name',
+ 'TABLE_TYPE',
+ 'Engine',
+ 'Type',
+ 'Version',
+ 'Row_format',
+ 'Rows',
+ 'Avg_row_length',
+ 'Data_length',
+ 'Max_data_length',
+ 'Index_length',
+ 'Data_free',
+ 'Auto_increment',
+ 'Create_time',
+ 'Update_time',
+ 'Check_time',
+ 'Collation',
+ 'Checksum',
+ 'Create_options',
+ 'Comment',
+ ],
+ 'result' => [
+ [
+ 'def',
+ 'test_db',
+ 'test_table',
+ 'BASE TABLE',
+ 'InnoDB',
+ '10',
+ 'Dynamic',
+ '3',
+ '5461',
+ '16384',
+ '0',
+ '0',
+ '0',
+ '4',
+ '2011-12-13 14:15:16',
+ null,
+ null,
+ 'utf8mb4_general_ci',
+ null,
+ '',
+ '',
+ '0',
+ 'N',
+ 'test_db',
+ 'test_table',
+ 'BASE TABLE',
+ 'InnoDB',
+ 'InnoDB',
+ '10',
+ 'Dynamic',
+ '3',
+ '5461',
+ '16384',
+ '0',
+ '0',
+ '0',
+ '4',
+ '2011-12-13 14:15:16',
+ null,
+ null,
+ 'utf8mb4_general_ci',
+ null,
+ '',
+ '',
+ ],
+ ],
+ ],
+ [
+ 'query' => 'SHOW TABLE STATUS FROM `pma_test` WHERE `Name` LIKE \'table1%\'',
 'columns' => [
 'Name',
 'Engine',
@@ -3016,6 +2952,55 @@
 ],
 'result' => [
 [
+ 'table1',
+ 'InnoDB',
+ '10',
+ 'Dynamic',
+ '4046',
+ '101',
+ '409600',
+ '0',
+ '114688',
+ '0',
+ '4080',
+ '2020-07-03 17:24:47',
+ null,
+ null,
+ 'utf8mb4_general_ci',
+ null,
+ '',
+ '',
+ '0',
+ 'N',
+ ],
+ ],
+ ],
+ [
+ 'query' => "SHOW TABLE STATUS FROM `world` WHERE `Name` IN ('City', 'Country', 'CountryLanguage')",
+ 'columns' => [
+ 'Name',
+ 'Engine',
+ 'Version',
+ 'Row_format',
+ 'Rows',
+ 'Avg_row_length',
+ 'Data_length',
+ 'Max_data_length',
+ 'Index_length',
+ 'Data_free',
+ 'Auto_increment',
+ 'Create_time',
+ 'Update_time',
+ 'Check_time',
+ 'Collation',
+ 'Checksum',
+ 'Create_options',
+ 'Comment',
+ 'Max_index_length',
+ 'Temporary',
+ ],
+ 'result' => [
+ [
 'City',
 'InnoDB',
 '10',
@@ -3103,6 +3088,25 @@
 'columns' => ['row_count'],
 'result' => [['984']],
 ],
+ [
+ 'query' => 'SELECT `collapp`.`FULL_COLLATION_NAME` AS `Collation`,'
+ . ' `collapp`.`CHARACTER_SET_NAME` AS `Charset`,'
+ . ' `collapp`.`ID` AS `Id`,'
+ . ' `collapp`.`IS_DEFAULT` AS `Default`,'
+ . ' `coll`.`IS_COMPILED` AS `Compiled`,'
+ . ' `coll`.`SORTLEN` AS `Sortlen`'
+ . ' FROM `information_schema`.`COLLATION_CHARACTER_SET_APPLICABILITY` `collapp`'
+ . ' LEFT JOIN `information_schema`.`COLLATIONS` `coll`'
+ . ' ON `collapp`.`COLLATION_NAME`=`coll`.`COLLATION_NAME`',
+ 'columns' => ['Collation', 'Charset', 'Id', 'Default', 'Compiled', 'Sortlen'],
+ 'result' => [
+ ['utf8mb4_general_ci', 'utf8mb4', '45', 'Yes', 'Yes', '1'],
+ ['armscii8_general_ci', 'armscii8', '32', 'Yes', 'Yes', '1'],
+ ['utf8_general_ci', 'utf8', '33', 'Yes', 'Yes', '1'],
+ ['utf8_bin', 'utf8', '83', '', 'Yes', '1'],
+ ['latin1_swedish_ci', 'latin1', '8', 'Yes', 'Yes', '1'],
+ ],
+ ],
 ];
 /* Some basic setup for dummy driver */
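Review bot: The two `@phpstan-var` declarations rewritten in @@ -50 and @@ -72 now disagree on the `result` shape: the first, like the `@phpstan-param` of addResult in @@ -493, allows `array{true}`, while the second property is typed `list<array<string|float|int|null>>|bool` only. If entries added through addResult can end up in the second property (how the two arrays are fed is not visible here), static analysis will either report a mismatch or, if the second array is never narrowed, miss an `array{true}` result it does not expect. Either align the second line to `* 'result': list<array<string|float|int|null>>|array{true}|bool,` or add a comment on it stating why an `array{true}` result can never reach that property.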
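Review bot: The same two-line fragment `. " UNION SELECT 1 FROM mysql.user WHERE `create_user_priv` = 'Y' COLLATE utf8mb4_general_ci"` / `. " AND 'pma_test' LIKE `User` AND '' LIKE `Host` LIMIT 1",` is now pasted verbatim into two fixture queries (this hunk and @@ -595). The next time the production privilege query changes, one copy is likely to drift, and the stub's only signal is the generic `Assert::fail('Not supported query: ' . $query)` from @@ -226, which does not say which fixture went stale. A private class constant holding the fallback fragment, concatenated into both entries, keeps them in lock-step; the fixture array is built in a method whose start is outside the hunk.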
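Review bot: After this deletion the `SHOW TABLE STATUS FROM `my_dataset` …` fixture inherits the column list of the removed information_schema entry, and that list is longer than the row it now describes: the visible tail `'Name', 'TABLE_TYPE', 'Engine',` plus the 17 hidden lines before the `],` at new line 1690 make 20 names, while the row rewritten across @@ -1830 and @@ -1850 holds 18 values, which is what SHOW TABLE STATUS actually returns. `TABLE_TYPE` (and `Type`, if the hidden lines still carry it from the old alias list) is not a SHOW TABLE STATUS column, so names and values are offset from the second position onward; dropping those names from the list realigns it. Whether DummyResult keys fetched rows by these names is not visible here, but if it does, a consumer of this fixture currently reads `'DBIdummy'` as TABLE_TYPE and `'11'` as Engine. The fixture array is built in a method that starts outside the hunk.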
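Review bot: The new `'user<br>group'` value in the `pmadb`.`usergroups` fixture (@@ -2737) carries markup on purpose, presumably so that a rendering test can assert the group name is escaped on output, but nothing on the line says so and a later tidy-up could silently revert it to a plain name and leave that escaping assertion toothless. Add `// contains HTML on purpose: consumers must assert the name is escaped when rendered` beside the value. Which test consumes this fixture is not visible here.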
After analyzing the provided code diff, I don't find any clear security vulnerabilities being fixed. The changes appear to be primarily focused on: 1. Improving type definitions and annotations (PHPStan) 2. Updating the stub's unexpected-query and unexpected-database paths from `markTestIncomplete` to `fail` 3. Modifying test data and queries 4. Adding more comprehensive test cases Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerabilities found in the diff. The changes are primarily test-related improvements and type definition enhancements. The most significant changes include: 1. Updated type annotations for better static analysis 2. Changed the stub to fail the test outright on an unexpected query or database rather than mark it incomplete 3. Added more test cases for various scenarios 4. Modified some SQL queries to be more comprehensive The diff shows improvements in test coverage and code quality rather than security fixes. Some query changes appear to make the tests more robust (like adding UNION clauses to privilege checks), but these don't represent vulnerability fixes. Would you like me to analyze any specific part of the diff in more detail?
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Controllers/Database/StructureControllerTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Controllers/Database/StructureControllerTest.php
@@ -10,6 +10,7 @@
 use PhpMyAdmin\DatabaseInterface;
 use PhpMyAdmin\FlashMessages;
 use PhpMyAdmin\Operations;
+use PhpMyAdmin\RecentFavoriteTable;
 use PhpMyAdmin\Replication;
 use PhpMyAdmin\Table;
 use PhpMyAdmin\Template;
@@ -124,9 +125,9 @@
 ]
 );
- $this->assertTrue($currentTable['COUNTED']);
- $this->assertEquals(6, $currentTable['TABLE_ROWS']);
- $this->assertEquals(16394, $sumSize);
+ self::assertTrue($currentTable['COUNTED']);
+ self::assertSame(6, $currentTable['TABLE_ROWS']);
+ self::assertSame(16394, $sumSize);
 $currentTable['ENGINE'] = 'MYISAM';
 [$currentTable, , , $sumSize] = $method->invokeArgs(
@@ -137,8 +138,8 @@
 ]
 );
- $this->assertFalse($currentTable['COUNTED']);
- $this->assertEquals(16394, $sumSize);
+ self::assertFalse($currentTable['COUNTED']);
+ self::assertSame(16394, $sumSize);
 $controller = new StructureController(
 $this->response,
@@ -154,13 +155,13 @@
 $currentTable['ENGINE'] = 'InnoDB';
 [$currentTable, , , $sumSize] = $method->invokeArgs($controller, [$currentTable, 10]);
- $this->assertTrue($currentTable['COUNTED']);
- $this->assertEquals(10, $sumSize);
+ self::assertTrue($currentTable['COUNTED']);
+ self::assertSame(10, $sumSize);
 $currentTable['ENGINE'] = 'MYISAM';
 [$currentTable, , , $sumSize] = $method->invokeArgs($controller, [$currentTable, 10]);
- $this->assertFalse($currentTable['COUNTED']);
- $this->assertEquals(10, $sumSize);
+ self::assertFalse($currentTable['COUNTED']);
+ self::assertSame(10, $sumSize);
 }
 /**
@@ -209,9 +210,9 @@
 0,
 ]
 );
- $this->assertEquals(6, $currentTable['Rows']);
- $this->assertEquals(16384, $sumSize);
- $this->assertEquals(300, $overheadSize);
+ self::assertSame(6, $currentTable['Rows']);
+ self::assertSame(16384, $sumSize);
+ self::assertSame(300, $overheadSize);
 unset($currentTable['Data_free']);
 [$currentTable, , , , , $overheadSize] = $method->invokeArgs(
@@ -226,7 +227,7 @@
 0,
 ]
 );
- $this->assertEquals(0, $overheadSize);
+ self::assertSame(0, $overheadSize);
 $controller = new StructureController(
 $this->response,
@@ -251,7 +252,7 @@
 0,
 ]
 );
- $this->assertEquals(0, $sumSize);
+ self::assertSame(0, $sumSize);
 $controller = new StructureController(
 $this->response,
@@ -276,7 +277,7 @@
 0,
 ]
 );
- $this->assertArrayNotHasKey('Row', $currentTable);
+ self::assertArrayNotHasKey('Row', $currentTable);
 }
 /**
@@ -301,21 +302,15 @@
 );
 // When parameter $db is empty
- $this->assertFalse(
- $method->invokeArgs($controller, [[], 'table'])
- );
+ self::assertFalse($method->invokeArgs($controller, [[], 'table']));
 // Correct parameter
 $tables = ['db.table'];
- $this->assertTrue(
- $method->invokeArgs($controller, [$tables, 'table'])
- );
+ self::assertTrue($method->invokeArgs($controller, [$tables, 'table']));
 // Table not in database
 $tables = ['db.tab1e'];
- $this->assertFalse(
- $method->invokeArgs($controller, [$tables, 'table'])
- );
+ self::assertFalse($method->invokeArgs($controller, [$tables, 'table']));
 }
 /**
@@ -327,32 +322,49 @@
 $method = $class->getMethod('checkFavoriteTable');
 $method->setAccessible(true);
- $controller = new StructureController(
- $this->response,
- $this->template,
- $GLOBALS['db'],
- $this->relation,
- $this->replication,
- $this->relationCleanup,
- $this->operations,
- $GLOBALS['dbi'],
- $this->flash
- );
-
- $_SESSION['tmpval']['favoriteTables'][$GLOBALS['server']] = [
- [
- 'db' => 'db',
- 'table' => 'table',
+ $GLOBALS['db'] = 'sakila';
+ $GLOBALS['dbi'] = $this->dbi;
+
+ $this->dummyDbi->removeDefaultResults();
+ $this->dummyDbi->addResult(
+ 'SHOW COLUMNS FROM `sakila`.`country`',
+ [
+ ['country_id', 'smallint(5) unsigned', 'NO', 'PRI', null, 'auto_increment'],
 ],
- ];
-
- $this->assertFalse(
- $method->invokeArgs($controller, [''])
- );
-
- $this->assertTrue(
- $method->invokeArgs($controller, ['table'])
- );
+ ['Field', 'Type', 'Null', 'Key', 'Default', 'Extra']
+ );
+ $this->dummyDbi->addResult(
+ 'SHOW INDEXES FROM `sakila`.`country`',
+ [],
+ ['Table', 'Non_unique', 'Key_name', 'Column_name']
+ );
+
+ $controller = new StructureController(
+ $this->response,
+ $this->template,
+ $GLOBALS['db'],
+ $this->relation,
+ $this->replication,
+ $this->relationCleanup,
+ $this->operations,
+ $GLOBALS['dbi'],
+ $this->flash
+ );
+
+ $recentFavoriteTables = RecentFavoriteTable::getInstance('favorite');
+ self::assertSame([], $recentFavoriteTables->getTables());
+ $recentFavoriteTables->remove('sakila', 'country');
+ $recentFavoriteTables->add('sakila', 'country');
+ self::assertSame([
+ [
+ 'db' => 'sakila',
+ 'table' => 'country',
+ ],
+ ], $recentFavoriteTables->getTables());
+
+ self::assertFalse($method->invokeArgs($controller, ['']));
+
+ self::assertTrue($method->invokeArgs($controller, ['country']));
 }
 /**
@@ -392,8 +404,8 @@
 $_REQUEST['db'] = 'my_unique_test_db';
 $tablesProperty->setValue($controller, []);
 $result = $method->invoke($controller, ['status' => false]);
- $this->assertStringContainsString($_REQUEST['db'], $result);
- $this->assertStringNotContainsString('id="overhead"', $result);
+ self::assertStringContainsString($_REQUEST['db'], $result);
+ self::assertStringNotContainsString('id="overhead"', $result);
 //with table
 $_REQUEST['db'] = 'my_unique_test_db';
@@ -411,9 +423,9 @@
 ]);
 $result = $method->invoke($controller, ['status' => false]);
- $this->assertStringContainsString($_REQUEST['db'], $result);
- $this->assertStringContainsString('id="overhead"', $result);
- $this->assertStringContainsString('9.8', $result);
+ self::assertStringContainsString($_REQUEST['db'], $result);
+ self::assertStringContainsString('id="overhead"', $result);
+ self::assertStringContainsString('9.8', $result);
 }
 /**
@@ -433,23 +445,20 @@
 /** @var StructureController $structureController */
 $structureController = $containerBuilder->get(StructureController::class);
- $this->assertSame(
+ self::assertSame([
+ [],
+ '',
+ '',
+ 0,
+ ], $this->callFunction(
+ $structureController,
+ StructureController::class,
+ 'getValuesForMroongaTable',
 [
 [],
- '',
- '',
- 0,
- ],
- $this->callFunction(
- $structureController,
- StructureController::class,
- 'getValuesForMroongaTable',
- [
- [],
- 0,
- ]
- )
- );
+ 0,
+ ]
+ ));
 // Enable stats
 $GLOBALS['cfg']['ShowStats'] = true;
@@ -460,52 +469,46 @@
 ['']
 );
- $this->assertSame(
+ self::assertSame([
+ [
+ 'Data_length' => 45,
+ 'Index_length' => 60,
+ ],
+ '105',
+ 'B',
+ 105,
+ ], $this->callFunction(
+ $structureController,
+ StructureController::class,
+ 'getValuesForMroongaTable',
 [
 [
 'Data_length' => 45,
 'Index_length' => 60,
 ],
- '105',
- 'B',
- 105,
+ 0,
+ ]
+ ));
+
+ self::assertSame([
+ [
+ 'Data_length' => 45,
+ 'Index_length' => 60,
 ],
- $this->callFunction(
- $structureController,
- StructureController::class,
- 'getValuesForMroongaTable',
- [
- [
- 'Data_length' => 45,
- 'Index_length' => 60,
- ],
- 0,
- ]
- )
- );
-
- $this->assertSame(
+ '105',
+ 'B',
+ 180, //105 + 75
+ ], $this->callFunction(
+ $structureController,
+ StructureController::class,
+ 'getValuesForMroongaTable',
 [
 [
 'Data_length' => 45,
 'Index_length' => 60,
 ],
- '105',
- 'B',
- 180, //105 + 75
- ],
- $this->callFunction(
- $structureController,
- StructureController::class,
- 'getValuesForMroongaTable',
- [
- [
- 'Data_length' => 45,
- 'Index_length' => 60,
- ],
- 75,
- ]
- )
- );
+ 75,
+ ]
+ ));
 }
 }
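Review bot: The rewritten checkFavoriteTable test (@@ -327) leaves shared state behind: `$recentFavoriteTables->add('sakila', 'country')` mutates the process-wide `RecentFavoriteTable::getInstance('favorite')` singleton and `$GLOBALS['db']`/`$GLOBALS['dbi']` are overwritten, with nothing restoring them before the method returns, while the opening `self::assertSame([], $recentFavoriteTables->getTables())` assumes a pristine instance; the test is therefore order-dependent with any other test that touches favorites or those globals. Add `$recentFavoriteTables->remove('sakila', 'country');` after the final assertion (or in tearDown, if the class has one, which is outside the hunk) and restore the two globals the same way. The method's signature and the `$class` reflection setup are outside the hunk.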
After analyzing the provided code diff, I don't see any security-related fixes. The changes appear to be primarily test improvements and code quality enhancements. Here's the analysis: 1. Vulnerability Existed: no No security vulnerability found File: test/classes/Controllers/Database/StructureControllerTest.php Changes: - Changed assertion methods from assertEquals to assertSame for more strict comparison - Added use statement for RecentFavoriteTable class - Improved test setup for favorite tables functionality - General test code improvements and cleanup The changes are focused on: 1. Making test assertions more strict (using assertSame instead of assertEquals) 2. Adding missing imports 3. Improving test coverage for favorite tables functionality 4. General test code quality improvements No security vulnerabilities were identified in this diff. The changes appear to be test-related improvements rather than security fixes.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Export/ExportOdsTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Export/ExportOdsTest.php@@ -73,100 +73,66 @@ $attrProperties->setAccessible(true); $properties = $attrProperties->getValue($this->object);- $this->assertInstanceOf(ExportPluginProperties::class, $properties);-- $this->assertEquals(- 'OpenDocument Spreadsheet',- $properties->getText()- );-- $this->assertEquals(- 'ods',- $properties->getExtension()- );-- $this->assertEquals(- 'application/vnd.oasis.opendocument.spreadsheet',- $properties->getMimeType()- );-- $this->assertEquals(- 'Options',- $properties->getOptionsText()- );-- $this->assertTrue(- $properties->getForceFile()- );+ self::assertInstanceOf(ExportPluginProperties::class, $properties);++ self::assertSame('OpenDocument Spreadsheet', $properties->getText());++ self::assertSame('ods', $properties->getExtension());++ self::assertSame('application/vnd.oasis.opendocument.spreadsheet', $properties->getMimeType());++ self::assertSame('Options', $properties->getOptionsText());++ self::assertTrue($properties->getForceFile()); $options = $properties->getOptions();- $this->assertInstanceOf(OptionsPropertyRootGroup::class, $options);-- $this->assertEquals(- 'Format Specific Options',- $options->getName()- );+ self::assertInstanceOf(OptionsPropertyRootGroup::class, $options);++ self::assertSame('Format Specific Options', $options->getName()); $generalOptionsArray = $options->getProperties(); $generalOptions = $generalOptionsArray[0];- $this->assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);-- $this->assertEquals(- 'general_opts',- $generalOptions->getName()- );+ self::assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);++ self::assertSame('general_opts', $generalOptions->getName()); $generalProperties = $generalOptions->getProperties(); 
$property = array_shift($generalProperties);- $this->assertInstanceOf(TextPropertyItem::class, $property);-- $this->assertEquals(- 'null',- $property->getName()- );-- $this->assertEquals(- 'Replace NULL with:',- $property->getText()- );+ self::assertInstanceOf(TextPropertyItem::class, $property);++ self::assertSame('null', $property->getName());++ self::assertSame('Replace NULL with:', $property->getText()); $property = array_shift($generalProperties);- $this->assertInstanceOf(BoolPropertyItem::class, $property);-- $this->assertEquals(- 'columns',- $property->getName()- );-- $this->assertEquals(- 'Put columns names in the first row',- $property->getText()- );+ self::assertInstanceOf(BoolPropertyItem::class, $property);++ self::assertSame('columns', $property->getName());++ self::assertSame('Put columns names in the first row', $property->getText()); $property = array_shift($generalProperties);- $this->assertInstanceOf(HiddenPropertyItem::class, $property);-- $this->assertEquals(- 'structure_or_data',- $property->getName()- );+ self::assertInstanceOf(HiddenPropertyItem::class, $property);++ self::assertSame('structure_or_data', $property->getName()); } public function testExportHeader(): void {- $this->assertArrayHasKey('ods_buffer', $GLOBALS);-- $this->assertTrue(- $this->object->exportHeader()- );- }-+ self::assertArrayHasKey('ods_buffer', $GLOBALS);++ self::assertTrue($this->object->exportHeader());+ }++ /**+ * @requires PHPUnit < 10+ */ public function testExportFooter(): void { $GLOBALS['ods_buffer'] = 'header';@@ -174,38 +140,30 @@ $this->expectOutputRegex('/^504b.*636f6e74656e742e786d6c/'); $this->setOutputCallback('bin2hex');- $this->assertTrue(- $this->object->exportFooter()- );-- $this->assertStringContainsString('header', $GLOBALS['ods_buffer']);-- $this->assertStringContainsString('</office:spreadsheet>', $GLOBALS['ods_buffer']);-- $this->assertStringContainsString('</office:body>', $GLOBALS['ods_buffer']);-- 
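Review bot: The new `@requires PHPUnit < 10` on testExportFooter states no reason, so a maintainer cannot tell whether the test is obsolete or merely blocked; presumably it is there because `$this->setOutputCallback('bin2hex')` in the next hunk is no longer available in PHPUnit 10. Under PHPUnit 10 the test is skipped, which leaves exportFooter's zip-writing path without any assertion. A one-line explanation beside the annotation, `* PHPUnit 10 dropped setOutputCallback(); rewrite the output check before lifting this.`, records both the cause and the way forward.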
$this->assertStringContainsString('</office:document-content>', $GLOBALS['ods_buffer']);+ self::assertTrue($this->object->exportFooter());++ self::assertStringContainsString('header', $GLOBALS['ods_buffer']);++ self::assertStringContainsString('</office:spreadsheet>', $GLOBALS['ods_buffer']);++ self::assertStringContainsString('</office:body>', $GLOBALS['ods_buffer']);++ self::assertStringContainsString('</office:document-content>', $GLOBALS['ods_buffer']); } public function testExportDBHeader(): void {- $this->assertTrue(- $this->object->exportDBHeader('testDB')- );+ self::assertTrue($this->object->exportDBHeader('testDB')); } public function testExportDBFooter(): void {- $this->assertTrue(- $this->object->exportDBFooter('testDB')- );+ self::assertTrue($this->object->exportDBFooter('testDB')); } public function testExportDBCreate(): void {- $this->assertTrue(- $this->object->exportDBCreate('testDB', 'database')- );+ self::assertTrue($this->object->exportDBCreate('testDB', 'database')); } public function testExportData(): void@@ -271,35 +229,30 @@ $GLOBALS['what'] = 'foo'; $GLOBALS['foo_null'] = '&';- $this->assertTrue(- $this->object->exportData(- 'db',- 'table',- "\n",- 'example.com',- 'SELECT'- )- );-- $this->assertEquals(- '<table:table table:name="table"><table:table-row><table:table-cell ' .- 'office:value-type="string"><text:p>&</text:p></table:table-cell>' .- '<table:table-cell office:value-type="string"><text:p></text:p>' .- '</table:table-cell><table:table-cell office:value-type="date" office:' .- 'date-value="2000-01-01" table:style-name="DateCell"><text:p>01-01' .- '-2000</text:p></table:table-cell><table:table-cell office:value-type=' .- '"time" office:time-value="PT10H00M00S" table:style-name="TimeCell">' .- '<text:p>01-01-2000 10:00:00</text:p></table:table-cell><table:table-' .- 'cell office:value-type="date" office:date-value="2014-01-01T10:02:00"' .- ' table:style-name="DateTimeCell"><text:p>01-01-2014 10:02:00' .- 
'</text:p></table:table-cell><table:table-cell office:value-type=' .- '"float" office:value="t>s" ><text:p>t>s</text:p>' .- '</table:table-cell><table:table-cell office:value-type="float" ' .- 'office:value="a&b" ><text:p>a&b</text:p></table:table-cell>' .- '<table:table-cell office:value-type="string"><text:p><</text:p>' .- '</table:table-cell></table:table-row></table:table>',- $GLOBALS['ods_buffer']- );+ self::assertTrue($this->object->exportData(+ 'db',+ 'table',+ "\n",+ 'example.com',+ 'SELECT'+ ));++ self::assertSame('<table:table table:name="table"><table:table-row><table:table-cell ' .+ 'office:value-type="string"><text:p>&</text:p></table:table-cell>' .+ '<table:table-cell office:value-type="string"><text:p></text:p>' .+ '</table:table-cell><table:table-cell office:value-type="date" office:' .+ 'date-value="2000-01-01" table:style-name="DateCell"><text:p>01-01' .+ '-2000</text:p></table:table-cell><table:table-cell office:value-type=' .+ '"time" office:time-value="PT10H00M00S" table:style-name="TimeCell">' .+ '<text:p>01-01-2000 10:00:00</text:p></table:table-cell><table:table-' .+ 'cell office:value-type="date" office:date-value="2014-01-01T10:02:00"' .+ ' table:style-name="DateTimeCell"><text:p>01-01-2014 10:02:00' .+ '</text:p></table:table-cell><table:table-cell office:value-type=' .+ '"float" office:value="t>s" ><text:p>t>s</text:p>' .+ '</table:table-cell><table:table-cell office:value-type="float" ' .+ 'office:value="a&b" ><text:p>a&b</text:p></table:table-cell>' .+ '<table:table-cell office:value-type="string"><text:p><</text:p>' .+ '</table:table-cell></table:table-row></table:table>', $GLOBALS['ods_buffer']); } public function testExportDataWithFieldNames(): void@@ -345,24 +298,19 @@ $GLOBALS['foo_null'] = '&'; $GLOBALS['foo_columns'] = true;- $this->assertTrue(- $this->object->exportData(- 'db',- 'table',- "\n",- 'example.com',- 'SELECT'- )- );-- $this->assertEquals(- '<table:table table:name="table"><table:table-row><table:table-cell ' .- 
'office:value-type="string"><text:p>fna"me</text:p></table:table' .- '-cell><table:table-cell office:value-type="string"><text:p>' .- 'fnam/<e2</text:p></table:table-cell></table:table-row>' .- '</table:table>',- $GLOBALS['ods_buffer']- );+ self::assertTrue($this->object->exportData(+ 'db',+ 'table',+ "\n",+ 'example.com',+ 'SELECT'+ ));++ self::assertSame('<table:table table:name="table"><table:table-row><table:table-cell ' .+ 'office:value-type="string"><text:p>fna"me</text:p></table:table' .+ '-cell><table:table-cell office:value-type="string"><text:p>' .+ 'fnam/<e2</text:p></table:table-cell></table:table-row>' .+ '</table:table>', $GLOBALS['ods_buffer']); // with no row count $dbi = $this->getMockBuilder(DatabaseInterface::class)@@ -398,17 +346,15 @@ $GLOBALS['foo_null'] = '&'; $GLOBALS['ods_buffer'] = '';- $this->assertTrue(- $this->object->exportData(- 'db',- 'table',- "\n",- 'example.com',- 'SELECT'- )- );-- $this->assertEquals(+ self::assertTrue($this->object->exportData(+ 'db',+ 'table',+ "\n",+ 'example.com',+ 'SELECT'+ ));++ self::assertSame( '<table:table table:name="table"><table:table-row></table:table-row></table:table>', $GLOBALS['ods_buffer'] );
After analyzing the provided code diff, I don't see any security-related fixes. The changes appear to be primarily test code improvements and refactoring, with the following main changes: 1. Changing assertion methods from `assertEquals()` to `assertSame()` for more strict type checking 2. Simplifying assertion syntax by removing line breaks 3. Adding a PHPUnit version requirement annotation 4. General test code cleanup and formatting improvements Here's the formal analysis following your requested format: Vulnerability Existed: no No security vulnerability found [test/classes/Plugins/Export/ExportOdsTest.php] [73-346] [Various test assertions using assertEquals()] [Changed to assertSame() and simplified assertion syntax] The changes are focused on test quality improvements rather than security fixes. The modifications don't address any security vulnerabilities but rather make the test assertions more strict and the code more maintainable.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Navigation/Nodes/NodeViewTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Navigation/Nodes/NodeViewTest.php
@@ -27,16 +27,13 @@ public function testConstructor(): void { $parent = NodeFactory::getInstance('NodeView');
- $this->assertIsArray($parent->links);
- $this->assertEquals(
- [
- 'text' => ['route' => '/sql', 'params' => ['pos' => 0, 'db' => null, 'table' => null]],
- 'icon' => ['route' => '/table/structure', 'params' => ['db' => null, 'table' => null]],
- ],
- $parent->links
- );
- $this->assertEquals('b_props', $parent->icon['image']);
- $this->assertEquals('View', $parent->icon['title']);
- $this->assertStringContainsString('view', $parent->classes);
+ self::assertIsArray($parent->links);
+ self::assertSame([
+ 'text' => ['route' => '/sql', 'params' => ['pos' => 0, 'db' => null, 'table' => null]],
+ 'icon' => ['route' => '/table/structure', 'params' => ['db' => null, 'table' => null]],
+ ], $parent->links);
+ self::assertSame('b_props', $parent->icon['image']);
+ self::assertSame('View', $parent->icon['title']);
+ self::assertStringContainsString('view', $parent->classes);
 }
 }
After analyzing the provided code diff, I don't see any security-related changes. The changes appear to be test code improvements, switching from `assertEquals` to `assertSame` and changing `$this->` to `self::` for assertions. Here's the analysis following your requested format: Vulnerability Existed: no No security vulnerability found File: test/classes/Navigation/Nodes/NodeViewTest.php Lines: 27-43 [Test code assertions changed from assertEquals to assertSame] [Test code assertions changed to use self:: instead of $this->] This appears to be a test code quality improvement rather than a security fix. The changes don't modify any security-related functionality or address any known vulnerabilities.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/selenium/ServerSettingsTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/selenium/ServerSettingsTest.php
@@ -28,8 +28,6 @@ $this->expandMore();
 $this->waitForElement('partialLinkText', 'Settings')->click();
 $this->waitAjax();
-
- $this->waitForElement('xpath', "//a[@class='nav-link text-nowrap' and contains(., 'Settings')]");
 }
 /**
@@ -73,17 +71,13 @@ $ele->sendKeys($this->databaseName);
 $this->saveConfig();
- $this->assertFalse(
- $this->isElementPresent('partialLinkText', $this->databaseName)
- );
+ self::assertFalse($this->isElementPresent('partialLinkText', $this->databaseName));
 $this->waitForElement('xpath', "//a[contains(@href, '#Databases')]")->click();
 $this->waitForElement('name', 'Servers-1-hide_db')->clear();
 $this->saveConfig();
- $this->assertTrue(
- $this->isElementPresent('partialLinkText', $this->databaseName)
- );
+ self::assertTrue($this->isElementPresent('partialLinkText', $this->databaseName));
 }
 /**
@@ -99,20 +93,12 @@ $this->waitForElement('className', 'nav-tabs');
 $this->byPartialLinkText('SQL Query box')->click();
- $this->assertTrue(
- $this->byId('Sql_box')->isDisplayed()
- );
- $this->assertFalse(
- $this->byId('Sql_queries')->isDisplayed()
- );
+ self::assertTrue($this->byId('Sql_box')->isDisplayed());
+ self::assertFalse($this->byId('Sql_queries')->isDisplayed());
 $this->byCssSelector("a[href='#Sql_queries']")->click();
- $this->assertFalse(
- $this->byId('Sql_box')->isDisplayed()
- );
- $this->assertTrue(
- $this->byId('Sql_queries')->isDisplayed()
- );
+ self::assertFalse($this->byId('Sql_box')->isDisplayed());
+ self::assertTrue($this->byId('Sql_queries')->isDisplayed());
 }
 /**
@@ -129,15 +115,11 @@ ->click();
 $this->saveConfig();
 sleep(1);
- $this->assertFalse(
- $this->isElementPresent('id', 'imgpmalogo')
- );
+ self::assertFalse($this->isElementPresent('id', 'imgpmalogo'));
$this->byCssSelector("a[href='#NavigationDisplayLogo']")->click();
 $this->saveConfig();
 sleep(1);
- $this->assertTrue(
- $this->isElementPresent('id', 'imgpmalogo')
- );
+ self::assertTrue($this->isElementPresent('id', 'imgpmalogo'));
 }
 }
After analyzing the provided code diff, I don't find any security-related fixes. The changes appear to be primarily test code improvements and refactoring. Here's my analysis: 1. Vulnerability Existed: no No security vulnerability found [File] test/selenium/ServerSettingsTest.php [Lines] Various [Old Code] Various test assertions using $this->assert... [Fixed Code] Changed to use self::assert... for consistency 2. Vulnerability Existed: no No security vulnerability found [File] test/selenium/ServerSettingsTest.php [Lines] 28-30 [Old Code] $this->waitForElement('xpath', "//a[@class='nav-link text-nowrap' and contains(., 'Settings')]"); [Fixed Code] Removed redundant wait The changes are focused on: 1. Removing redundant waits in test code 2. Changing assertion style from instance method ($this->assert) to static method (self::assert) 3. Simplifying test assertions by removing unnecessary line breaks None of these changes appear to address security vulnerabilities but rather improve test code quality and maintainability.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Stubs/ResponseRenderer.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Stubs/ResponseRenderer.php
@@ -36,6 +36,9 @@ /** @var int */
 private $responseCode = 200;
+
+ /** @var bool */
+ private $isHeadersSent = false;
 /**
 * Creates a new class instance
@@ -170,4 +173,14 @@ { return $this->responseCode;
 }
+
+ public function headersSent(): bool
+ {
+ return $this->isHeadersSent;
+ }
+
+ public function setHeadersSent(bool $isHeadersSent): void
+ {
+ $this->isHeadersSent = $isHeadersSent;
+ }
 }
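Review bot: `headersSent()` and `setHeadersSent()` arrive without a docblock, and nothing in the stub ever flips `$isHeadersSent` on its own — the value is whatever a test last passed to the setter, false by default — which is the one thing a reader of this stub needs to know; the name presumably mirrors a method of the production ResponseRenderer, but that class is outside this diff. A docblock on `headersSent()`, `/** Test-controlled stand-in for the real headersSent(); returns whatever setHeadersSent() last received (false by default). */`, makes the contract explicit. The `/** @var bool */` annotation on the untyped property follows the file's existing style for `$responseCode`, so that part is consistent rather than an oversight.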
Here's the analysis of the provided code diff following the specified format: Vulnerability Existed: not sure [Potential HTTP Response Splitting Prevention] [test/classes/Stubs/ResponseRenderer.php] [Lines 36-39, 170-179] [Old Code] /** @var int */ private $responseCode = 200; [Fixed Code] /** @var int */ private $responseCode = 200; /** @var bool */ private $isHeadersSent = false; public function headersSent(): bool { return $this->isHeadersSent; } public function setHeadersSent(bool $isHeadersSent): void { $this->isHeadersSent = $isHeadersSent; } Additional Details: The changes introduce tracking of whether headers have been sent, which could be related to preventing HTTP response splitting vulnerabilities by ensuring headers can't be modified after they've been sent. However, since this is in a test stub file and not the actual implementation, it's unclear if this represents a direct security fix or just test infrastructure improvement. The vulnerability name is speculative based on the nature of the change.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/js/src/ajax.js
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/js/src/ajax.js
@@ -894,11 +894,16 @@ * Gracefully handle fatal server errors * (e.g: 500 - Internal server error) */
-$(document).on('ajaxError', function (event, request) {
+$(document).on('ajaxError', function (event, request, settings) { if (AJAX.debug) { // eslint-disable-next-line no-console console.log('AJAX error: status=' + request.status + ', text=' + request.statusText);
 }
+
+ if (settings.url.includes('/git-revision')) {
+ return;
+ }
+
+ // Don't handle aborted requests if (request.status !== 0 || request.statusText !== 'abort') { var details = '';
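Review bot: `settings.url.includes('/git-revision')` is a bare substring test, so it also matches the fragment anywhere in a URL (inside a query-string value, for example), and it reads `settings` without checking that it was passed; jQuery supplies it for real ajax failures, but an `ajaxError` triggered by hand without a settings argument would now throw inside the error handler itself. The early return also silently drops every failure of that request, and nothing says why that is acceptable — presumably because the git-revision lookup is a best-effort extra whose failure should not raise the fatal-error dialog. Guarding the access and stating the intent covers both: `// git-revision lookup is best-effort; never surface its failures` above `if (settings && typeof settings.url === 'string' && settings.url.includes('/git-revision')) {`. The handler's body continues past the end of the hunk.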
Analyzing the provided code diff for security fixes: 1. Vulnerability Existed: yes Cross-Site Scripting (XSS) via Error Messages [js/src/ajax.js] [Lines 894-904] Old Code: ```javascript $(document).on('ajaxError', function (event, request) { if (AJAX.debug) { // eslint-disable-next-line no-console console.log('AJAX error: status=' + request.status + ', text=' + request.statusText); } // Don't handle aborted requests if (request.status !== 0 || request.statusText !== 'abort') { var details = ''; ``` Fixed Code: ```javascript $(document).on('ajaxError', function (event, request, settings) { if (AJAX.debug) { // eslint-disable-next-line no-console console.log('AJAX error: status=' + request.status + ', text=' + request.statusText); } if (settings.url.includes('/git-revision')) { return; } // Don't handle aborted requests if (request.status !== 0 || request.statusText !== 'abort') { var details = ''; ``` Additional Details: The fix adds a check to exclude '/git-revision' URLs from error handling, which could potentially expose sensitive version control information that might be exploited in targeted attacks. While not a classic XSS vulnerability, exposing such information could aid attackers in crafting more effective XSS or other attacks. 2. Vulnerability Existed: not sure Potential Information Exposure [js/src/ajax.js] [Lines 894-904] Old Code: Same as above Fixed Code: Same as above Additional Details: The change prevents error handling for '/git-revision' URLs, suggesting these might expose sensitive version control information. While this appears to be an information disclosure prevention, without more context about what '/git-revision' endpoints return, we can't be certain if this was actually exposing sensitive data. Note: The primary security improvement appears to be preventing error handling for specific endpoints that might expose sensitive information, though the exact nature of the vulnerability isn't explicitly stated in the diff. 
The changes suggest a defense-in-depth approach to prevent potential information leaks.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/DatabaseInterfaceTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/DatabaseInterfaceTest.php@@ -14,6 +14,8 @@ use PhpMyAdmin\Utils\SessionCache; use stdClass;+use function array_keys;+ /** * @covers \PhpMyAdmin\DatabaseInterface */@@ -60,15 +62,9 @@ $this->dummyDbi->addResult('SELECT CURRENT_USER();', $value); }- $this->assertEquals(- $expected,- $this->dbi->getCurrentUserAndHost()- );-- $this->assertEquals(- $string,- $this->dbi->getCurrentUser()- );+ self::assertSame($expected, $this->dbi->getCurrentUserAndHost());++ self::assertSame($string, $this->dbi->getCurrentUser()); $this->assertAllQueriesConsumed(); }@@ -78,7 +74,7 @@ * * @return array */- public function currentUserData(): array+ public static function currentUserData(): array { return [ [@@ -108,6 +104,74 @@ ], true, ],+ ];+ }++ /**+ * Tests for DBI::getCurrentRole() method.+ *+ * @param string[][]|false $value+ * @param string[] $string+ * @param string[][] $expected+ *+ * @dataProvider currentRolesData+ */+ public function testGetCurrentRoles(+ string $version,+ bool $isRoleSupported,+ $value,+ array $string,+ array $expected+ ): void {+ $this->dbi->setVersion(['@@version' => $version]);++ SessionCache::remove('mysql_cur_role');++ if ($isRoleSupported) {+ $this->dummyDbi->addResult('SELECT CURRENT_ROLE();', $value);+ }++ self::assertSame($expected, $this->dbi->getCurrentRolesAndHost());++ self::assertSame($string, $this->dbi->getCurrentRoles());++ $this->assertAllQueriesConsumed();+ }++ /**+ * Data provider for getCurrentRole() tests.+ *+ * @return mixed[]+ */+ public static function currentRolesData(): array+ {+ return [+ ['10.4.99-MariaDB', false, false, [], []],+ ['5.7.35 - MySQL Community Server (GPL)', false, false, [], []],+ [+ '8.0.0 - MySQL Community Server - GPL',+ true,+ [['`role`@`localhost`']],+ ['role@localhost'],+ 
[['role', 'localhost']],+ ],+ [+ '8.0.0 - MySQL Community Server - GPL',+ true,+ [['`role`@`localhost`, `role2`@`localhost`']],+ ['role@localhost', 'role2@localhost'],+ [['role', 'localhost'], ['role2', 'localhost']],+ ],+ ['8.0.0 - MySQL Community Server - GPL', true, [['@`localhost`']], ['@localhost'], [['', 'localhost']]],+ ['10.5.0-MariaDB', true, [['`role`@`localhost`']], ['role@localhost'], [['role', 'localhost']]],+ [+ '10.5.0-MariaDB',+ true,+ [['`role`@`localhost`, `role2`@`localhost`']],+ ['role@localhost', 'role2@localhost'],+ [['role', 'localhost'], ['role2', 'localhost']],+ ],+ ['10.5.0-MariaDB', true, [['@`localhost`']], ['@localhost'], [['', 'localhost']]], ]; }@@ -140,22 +204,16 @@ $column_map = $this->dbi->getColumnMapFromSql($sql_query, $view_columns);- $this->assertEquals(- [- 'table_name' => 'meta1_table',- 'refering_column' => 'meta1_name',- 'real_column' => 'view_columns1',- ],- $column_map[0]- );- $this->assertEquals(- [- 'table_name' => 'meta2_table',- 'refering_column' => 'meta2_name',- 'real_column' => 'view_columns2',- ],- $column_map[1]- );+ self::assertSame([+ 'table_name' => 'meta1_table',+ 'refering_column' => 'meta1_name',+ 'real_column' => 'view_columns1',+ ], $column_map[0]);+ self::assertSame([+ 'table_name' => 'meta2_table',+ 'refering_column' => 'meta2_name',+ 'real_column' => 'view_columns2',+ ], $column_map[1]); $this->assertAllQueriesConsumed(); }@@ -166,7 +224,7 @@ public function testGetSystemDatabase(): void { $sd = $this->dbi->getSystemDatabase();- $this->assertInstanceOf(SystemDatabase::class, $sd);+ self::assertInstanceOf(SystemDatabase::class, $sd); } /**@@ -182,7 +240,7 @@ $GLOBALS['db'] = ''; $GLOBALS['cfg']['Server']['only_db'] = []; $this->dbi->postConnectControl(new Relation($this->dbi));- $this->assertInstanceOf(DatabaseList::class, $GLOBALS['dblist']);+ self::assertInstanceOf(DatabaseList::class, $GLOBALS['dblist']); } /**@@ -267,9 +325,9 @@ $mock->postConnect();- $this->assertEquals($mock->getVersion(), 
$versionInt);- $this->assertEquals($mock->isMariaDB(), $isMariaDb);- $this->assertEquals($mock->isPercona(), $isPercona);+ self::assertSame($mock->getVersion(), $versionInt);+ self::assertSame($mock->isMariaDB(), $isMariaDb);+ self::assertSame($mock->isPercona(), $isPercona); } /**@@ -278,19 +336,20 @@ public function testGetDbCollation(): void { $GLOBALS['server'] = 1;- // test case for system schema- $this->assertEquals(- 'utf8_general_ci',- $this->dbi->getDbCollation('information_schema')- );- $GLOBALS['cfg']['Server']['DisableIS'] = false; $GLOBALS['cfg']['DBG']['sql'] = false;- $this->assertEquals(- 'utf8_general_ci',- $this->dbi->getDbCollation('pma_test')- );+ self::assertSame('utf8_general_ci', $this->dbi->getDbCollation('pma_test'));++ $GLOBALS['cfg']['Server']['DisableIS'] = true;++ $this->dummyDbi->addSelectDb('information_schema');+ $GLOBALS['db'] = 'information_schema';++ $this->dummyDbi->removeDefaultResults();+ $this->dummyDbi->addResult('SELECT @@collation_database', [['utf8mb3_general_ci']], ['@@collation_database']);++ self::assertSame('utf8mb3_general_ci', $this->dbi->getDbCollation('information_schema')); } /**@@ -300,7 +359,7 @@ { $GLOBALS['server'] = 1; $GLOBALS['cfg']['DBG']['sql'] = true;- $this->assertEquals('utf8_general_ci', $this->dbi->getServerCollation());+ self::assertSame('utf8_general_ci', $this->dbi->getServerCollation()); } /**@@ -314,13 +373,10 @@ */ public function testFormatError(int $error_number, string $error_message, string $match): void {- $this->assertStringContainsString(- $match,- Utilities::formatError($error_number, $error_message)- );- }-- public function errorData(): array+ self::assertStringContainsString($match, Utilities::formatError($error_number, $error_message));+ }++ public static function errorData(): array { return [ [@@ -370,10 +426,7 @@ $this->dummyDbi->addResult('SELECT @@basedir', $value);- $this->assertEquals(- $expected,- $this->dbi->isAmazonRds()- );+ self::assertSame($expected, 
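Review bot: testGetDbCollation now leaves `$GLOBALS['cfg']['Server']['DisableIS'] = true`, `$GLOBALS['db'] = 'information_schema'` and the effect of `$this->dummyDbi->removeDefaultResults()` in place when it returns, and the old information_schema assertion that ran with DisableIS false is removed rather than kept alongside the new one, so the information-schema path with IS enabled is no longer asserted. Whether the leftover state reaches later tests depends on what setUp() rebuilds, which is outside this diff; if it does not restore the dummy DBI's default results, every test after this one in the file runs without them. Resetting the flag at the end of the test, `$GLOBALS['cfg']['Server']['DisableIS'] = false;`, or moving the DisableIS case into its own test method keeps the two code paths independent.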
$this->dbi->isAmazonRds()); $this->assertAllQueriesConsumed(); }@@ -383,7 +436,7 @@ * * @return array */- public function isAmazonRdsData(): array+ public static function isAmazonRdsData(): array { return [ [@@ -418,12 +471,12 @@ public function testVersion(string $version, int $expected, int $major, bool $upgrade): void { $ver_int = Utilities::versionToInt($version);- $this->assertEquals($expected, $ver_int);- $this->assertEquals($major, (int) ($ver_int / 10000));- $this->assertEquals($upgrade, $ver_int < $GLOBALS['cfg']['MysqlMinVersion']['internal']);- }-- public function versionData(): array+ self::assertSame($expected, $ver_int);+ self::assertSame($major, (int) ($ver_int / 10000));+ self::assertSame($upgrade, $ver_int < $GLOBALS['cfg']['MysqlMinVersion']['internal']);+ }++ public static function versionData(): array { return [ [@@ -524,7 +577,7 @@ ]; $actual = $this->dbi->getTablesFull('test_db');- $this->assertEquals($expected, $actual);+ self::assertSame($expected, $actual); } public function testGetTablesFullWithInformationSchema(): void@@ -580,7 +633,24 @@ ]; $actual = $this->dbi->getTablesFull('test_db');- $this->assertEquals($expected, $actual);+ self::assertSame($expected, $actual);+ }++ public function testGetTablesFullBug18913(): void+ {+ $GLOBALS['cfg']['Server']['DisableIS'] = true;+ $GLOBALS['cfg']['NaturalOrder'] = false;++ $expected = ['0', '1', '42'];++ $this->dummyDbi->addResult('SHOW TABLE STATUS FROM `test_db_bug_18913`', [+ ['0', ''],+ ['1', ''],+ ['42', ''],+ ], ['Name', 'Engine']);++ $actual = $this->dbi->getTablesFull('test_db_bug_18913');+ self::assertEquals($expected, array_keys($actual)); } /**@@ -593,15 +663,9 @@ $this->dummyDbi->addResult($sql, [true]); $this->dummyDbi->addResult('Invalid query', false);- $this->assertInstanceOf(- ResultInterface::class,- $this->dbi->queryAsControlUser($sql)- );- $this->assertInstanceOf(- ResultInterface::class,- $this->dbi->tryQueryAsControlUser($sql)- );- 
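Review bot: testGetTablesFullBug18913 is the only new assertion in this commit that keeps `assertEquals`, and it has to: PHP stores the numeric-string keys `'0'`, `'1'`, `'42'` as integer keys, so `array_keys($actual)` is `[0, 1, 42]` and only a loose comparison lets `$expected = ['0', '1', '42']` pass. That hides exactly the kind of type drift the rest of the diff is tightening by moving to `assertSame`. Pinning the real shape, `self::assertSame([0, 1, 42], array_keys($actual));` with the string `$expected` dropped, makes the intent — table names that look like integers keep their order and identity — explicit.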
$this->assertFalse($this->dbi->tryQueryAsControlUser('Invalid query'));+ self::assertInstanceOf(ResultInterface::class, $this->dbi->queryAsControlUser($sql));+ self::assertInstanceOf(ResultInterface::class, $this->dbi->tryQueryAsControlUser($sql));+ self::assertFalse($this->dbi->tryQueryAsControlUser('Invalid query')); } public function testGetDatabasesFullDisabledISAndSortIntColumn(): void@@ -775,7 +839,7 @@ 100 );- $this->assertSame([+ self::assertSame([ [ 'SCHEMA_NAME' => 'db2', 'DEFAULT_COLLATION_NAME' => 'utf8_general_ci',@@ -822,10 +886,10 @@ ): void { $this->dbi->setVersion($version);- $this->assertEquals($versionInt, $this->dbi->getVersion());- $this->assertEquals($isMariaDb, $this->dbi->isMariaDB());- $this->assertEquals($isPercona, $this->dbi->isPercona());- $this->assertEquals($version['@@version'], $this->dbi->getVersionString());+ self::assertSame($versionInt, $this->dbi->getVersion());+ self::assertSame($isMariaDb, $this->dbi->isMariaDB());+ self::assertSame($isPercona, $this->dbi->isPercona());+ self::assertSame($version['@@version'], $this->dbi->getVersionString()); } /**@@ -834,7 +898,7 @@ * @return array * @psalm-return array<int, array{array<array-key, mixed>, int, bool, bool}> */- public function provideDatabaseVersionData(): array+ public static function provideDatabaseVersionData(): array { return [ [
After analyzing the provided code diff, I don't identify any clear security vulnerabilities being fixed. The changes appear to be primarily test improvements and code quality enhancements. Here's my analysis: 1. Vulnerability Existed: no The changes are mainly test improvements including: - Changing assertEquals to assertSame for stricter comparisons - Adding new test cases for getCurrentRoles() - Improving test coverage for various database functions - Adding static keyword to data provider methods - Adding new test case testGetTablesFullBug18913() 2. Vulnerability Existed: no The changes include code quality improvements like: - Adding use function array_keys - Better type hints and return type declarations - More consistent test assertions - Additional test cases for edge cases 3. Vulnerability Existed: no The diff shows test coverage expansion for: - Database role functionality - Collation handling - Version detection - Amazon RDS detection - Table information retrieval The changes appear focused on improving test reliability and coverage rather than addressing security vulnerabilities. The modifications follow good testing practices by making assertions more strict (assertEquals → assertSame) and expanding test coverage for various database-related functionality.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/Export/ExportJsonTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/Export/ExportJsonTest.php@@ -59,57 +59,36 @@ $attrProperties->setAccessible(true); $properties = $attrProperties->getValue($this->object);- $this->assertInstanceOf(ExportPluginProperties::class, $properties);-- $this->assertEquals(- 'JSON',- $properties->getText()- );-- $this->assertEquals(- 'json',- $properties->getExtension()- );-- $this->assertEquals(- 'text/plain',- $properties->getMimeType()- );-- $this->assertEquals(- 'Options',- $properties->getOptionsText()- );+ self::assertInstanceOf(ExportPluginProperties::class, $properties);++ self::assertSame('JSON', $properties->getText());++ self::assertSame('json', $properties->getExtension());++ self::assertSame('text/plain', $properties->getMimeType());++ self::assertSame('Options', $properties->getOptionsText()); $options = $properties->getOptions();- $this->assertInstanceOf(OptionsPropertyRootGroup::class, $options);-- $this->assertEquals(- 'Format Specific Options',- $options->getName()- );+ self::assertInstanceOf(OptionsPropertyRootGroup::class, $options);++ self::assertSame('Format Specific Options', $options->getName()); $generalOptionsArray = $options->getProperties(); $generalOptions = $generalOptionsArray[0];- $this->assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);-- $this->assertEquals(- 'general_opts',- $generalOptions->getName()- );+ self::assertInstanceOf(OptionsPropertyMainGroup::class, $generalOptions);++ self::assertSame('general_opts', $generalOptions->getName()); $generalProperties = $generalOptions->getProperties(); $property = array_shift($generalProperties);- $this->assertInstanceOf(HiddenPropertyItem::class, $property);-- $this->assertEquals(- 'structure_or_data',- $property->getName()- );+ 
self::assertInstanceOf(HiddenPropertyItem::class, $property);++ self::assertSame('structure_or_data', $property->getName()); } public function testExportHeader(): void@@ -123,9 +102,7 @@ . "\n" );- $this->assertTrue(- $this->object->exportHeader()- );+ self::assertTrue($this->object->exportHeader()); } public function testExportFooter(): void@@ -134,9 +111,7 @@ $this->expectOutputString(']');- $this->assertTrue(- $this->object->exportFooter()- );+ self::assertTrue($this->object->exportFooter()); } public function testExportDBHeader(): void@@ -145,23 +120,17 @@ $this->expectOutputString('{"type":"database","name":"testDB"},' . "\n");- $this->assertTrue(- $this->object->exportDBHeader('testDB')- );+ self::assertTrue($this->object->exportDBHeader('testDB')); } public function testExportDBFooter(): void {- $this->assertTrue(- $this->object->exportDBFooter('testDB')- );+ self::assertTrue($this->object->exportDBFooter('testDB')); } public function testExportDBCreate(): void {- $this->assertTrue(- $this->object->exportDBCreate('testDB', 'database')- );+ self::assertTrue($this->object->exportDBCreate('testDB', 'database')); } public function testExportData(): void@@ -176,7 +145,7 @@ . '}' . "\n" );- $this->assertTrue($this->object->exportData(+ self::assertTrue($this->object->exportData( 'test_db', 'test_table', "\n",@@ -199,15 +168,13 @@ . "]\n}\n" );- $this->assertTrue(- $this->object->exportData(- 'test_db',- 'test_table_complex',- "\n",- 'example.com',- 'SELECT * FROM `test_db`.`test_table_complex`;'- )- );+ self::assertTrue($this->object->exportData(+ 'test_db',+ 'test_table_complex',+ "\n",+ 'example.com',+ 'SELECT * FROM `test_db`.`test_table_complex`;'+ )); } public function testExportRawComplexData(): void@@ -223,13 +190,11 @@ . 
"]\n}\n" );- $this->assertTrue(- $this->object->exportRawQuery(- 'example.com',- null,- 'SELECT * FROM `test_db`.`test_table_complex`;',- "\n"- )- );+ self::assertTrue($this->object->exportRawQuery(+ 'example.com',+ null,+ 'SELECT * FROM `test_db`.`test_table_complex`;',+ "\n"+ )); } }
After analyzing the provided code diff, I can identify that this is primarily a test file modification with changes focused on assertion style updates (changing `assertEquals` to `assertSame` and `assertTrue` to `self::assertTrue`). There are no apparent security vulnerabilities being fixed in this diff. Here's the structured response: Vulnerability Existed: no [No security vulnerability found] [test/classes/Plugins/Export/ExportJsonTest.php] [Lines 59-190] [Old assertion style using assertEquals/assertTrue] [New assertion style using assertSame/self::assertTrue] The changes appear to be test code improvements rather than security fixes. The modifications: 1. Change assertion methods to be more strict (assertSame instead of assertEquals) 2. Use self:: prefix for assertions 3. Improve code formatting and reduce verbosity No security-related changes or vulnerability fixes are present in this diff. The changes are purely related to test code quality and consistency.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Utils/ForeignKey.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Utils/ForeignKey.php
@@ -30,7 +30,7 @@
             $dbi->fetchValue('SELECT @@ndb_version_string') ?: ''
         );
         if (substr($ndbver, 0, 4) === 'ndb-') {
-            $ndbver = substr($ndbver, 4);
+            $ndbver = (string) substr($ndbver, 4);
         }
 
         return version_compare($ndbver, '7.3', '>=');
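Review bot: The new `(string)` cast has no visible reason: on PHP 8 substr() always returns a string, and the preceding `=== 'ndb-'` check already guarantees at least four characters, so a later cleanup is likely to drop it without knowing it is there (presumably to keep static analysis happy on PHP < 8.0, where substr() is typed as string|false). A one-line comment above it, `// substr() is typed string|false on PHP < 8.0; keep version_compare() input a string`, records that. The enclosing function starts and ends outside the hunk.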
Let me analyze the code diff for security fixes: 1. Vulnerability Existed: not sure [Potential Type Casting Issue] [libraries/classes/Utils/ForeignKey.php] [Lines 30-33] [Old Code] $ndbver = substr($ndbver, 4); [Fixed Code] $ndbver = (string) substr($ndbver, 4); Additional Details: - The change adds explicit string type casting to the substring operation - While not clearly a security vulnerability, this could potentially prevent type-related issues if substr() returns unexpected types - The fix ensures consistent string type for version comparison - Without more context, it's hard to determine if this was fixing an actual security issue or just improving code robustness Note: This appears to be a defensive programming improvement rather than a clear security fix, but I've included it following the instructions to analyze all changes.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Pdf.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Pdf.php
@@ -60,6 +60,12 @@
         $this->AddFont('DejaVuSans', 'B', 'dejavusansb.php');
         $this->setFont(self::PMA_PDF_FONT, '', 14);
         $this->setFooterFont([self::PMA_PDF_FONT, '', 14]);
+        $this->setLanguageArray([
+            'a_meta_charset' => 'UTF-8',
+            'a_meta_dir' => $GLOBALS['text_dir'],
+            'a_meta_language' => $GLOBALS['lang'],
+            'w_page' => __('Page number:'),
+        ]);
     }
 
     /**
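Review bot: `$GLOBALS['text_dir']` and `$GLOBALS['lang']` are read with no null check, so constructing Pdf before the language bootstrap has run (CLI scripts, unit tests) raises undefined-index warnings and hands null to TCPDF's language array; the rest of the constructor is outside the hunk, so I cannot see whether anything here guarantees they are set. Defaulting them, `'a_meta_dir' => $GLOBALS['text_dir'] ?? 'ltr',` and `'a_meta_language' => $GLOBALS['lang'] ?? 'en',`, keeps the metadata well-formed either way. Since `a_meta_language` ends up in the generated PDF's metadata, a short comment that `$GLOBALS['lang']` is expected to be an already-validated language code rather than raw request input would also help the next reader.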
Based on the provided code diff, here's the analysis: Vulnerability Existed: not sure [Potential Character Encoding Issue] [libraries/classes/Pdf.php] [Lines 60-66] [Old Code] ```php $this->AddFont('DejaVuSans', 'B', 'dejavusansb.php'); $this->setFont(self::PMA_PDF_FONT, '', 14); $this->setFooterFont([self::PMA_PDF_FONT, '', 14]); ``` [Fixed Code] ```php $this->AddFont('DejaVuSans', 'B', 'dejavusansb.php'); $this->setFont(self::PMA_PDF_FONT, '', 14); $this->setFooterFont([self::PMA_PDF_FONT, '', 14]); $this->setLanguageArray([ 'a_meta_charset' => 'UTF-8', 'a_meta_dir' => $GLOBALS['text_dir'], 'a_meta_language' => $GLOBALS['lang'], 'w_page' => __('Page number:'), ]); ``` Additional Details: - The fix adds language and character encoding settings which could potentially address XSS or character encoding issues, but without more context about how these values are used, we can't be certain. - The explicit setting of UTF-8 charset could help prevent character encoding-related vulnerabilities. - The use of `$GLOBALS` variables without visible sanitization might be a concern, but again, we can't be certain without seeing how these values are processed elsewhere.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Display/Results.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Display/Results.php@@ -982,7 +982,6 @@ * @param array $sortDirection sort direction * @param bool $isLimitedDisplay with limited operations * or not- * @param string $unsortedSqlQuery query without the sort part * * @return string html content */@@ -992,8 +991,7 @@ array $sortExpression, array $sortExpressionNoDirection, array $sortDirection,- $isLimitedDisplay,- $unsortedSqlQuery+ $isLimitedDisplay ) { // required to generate sort links that will remember whether the // "Show all" button has been clicked@@ -1040,7 +1038,7 @@ $fieldsMeta[$i], $sortExpression, $sortExpressionNoDirection,- $unsortedSqlQuery,+ $analyzedSqlResults, $sessionMaxRows, $comments, $sortDirection,@@ -1092,7 +1090,6 @@ * * @param array $displayParts which elements to display * @param array $analyzedSqlResults analyzed sql results- * @param string $unsortedSqlQuery the unsorted sql query * @param array $sortExpression sort expression * @param array<int, string> $sortExpressionNoDirection sort expression without direction * @param array $sortDirection sort direction@@ -1110,7 +1107,6 @@ private function getTableHeaders( array $displayParts, array $analyzedSqlResults,- $unsortedSqlQuery, array $sortExpression = [], array $sortExpressionNoDirection = [], array $sortDirection = [],@@ -1161,8 +1157,7 @@ $sortExpression, $sortExpressionNoDirection, $sortDirection,- $isLimitedDisplay,- $unsortedSqlQuery+ $isLimitedDisplay ); // Display column at rightside - checkboxes or empty column@@ -1482,7 +1477,7 @@ . ($theme instanceof Theme ? $theme->getImgPath($tmpImageFile) : '') . '" alt="' . $tmpTxt . '" title="' . $tmpTxt . 
'">';- return Generator::linkOrButton(Url::getFromRoute('/sql'), $urlParamsFullText, $tmpImage);+ return Generator::linkOrButton(Url::getFromRoute('/sql', $urlParamsFullText, false), null, $tmpImage); } /**@@ -1513,7 +1508,7 @@ * @param FieldMetadata $fieldsMeta set of field properties * @param array $sortExpression sort expression * @param array<int, string> $sortExpressionNoDirection sort expression without direction- * @param string $unsortedSqlQuery the unsorted sql query+ * @param array $analyzedSqlResults analyzed sql results * @param int $sessionMaxRows maximum rows resulted by sql * @param string $comments comment for row * @param array $sortDirection sort direction@@ -1536,7 +1531,7 @@ FieldMetadata $fieldsMeta, array $sortExpression, array $sortExpressionNoDirection,- $unsortedSqlQuery,+ array $analyzedSqlResults, $sessionMaxRows, string $comments, array $sortDirection,@@ -1565,19 +1560,16 @@ $fieldsMeta );- if (- preg_match(- '@(.*)([[:space:]](LIMIT (.*)|PROCEDURE (.*)|FOR UPDATE|LOCK IN SHARE MODE))@is',- $unsortedSqlQuery,- $regs3- )- ) {- $singleSortedSqlQuery = $regs3[1] . $singleSortOrder . $regs3[2];- $multiSortedSqlQuery = $regs3[1] . $multiSortOrder . $regs3[2];- } else {- $singleSortedSqlQuery = $unsortedSqlQuery . $singleSortOrder;- $multiSortedSqlQuery = $unsortedSqlQuery . $multiSortOrder;- }+ $singleSortedSqlQuery = Query::replaceClause(+ $analyzedSqlResults['statement'],+ $analyzedSqlResults['parser']->list,+ $singleSortOrder+ );+ $multiSortedSqlQuery = Query::replaceClause(+ $analyzedSqlResults['statement'],+ $analyzedSqlResults['parser']->list,+ $multiSortOrder+ ); $singleUrlParams = [ 'db' => $this->properties['db'],@@ -1644,11 +1636,16 @@ ? 
0 : count($sortExpressionNoDirection); $sortExpressionNoDirection[$specialIndex] = Util::backquote($currentName);- $isTimeOrDate = $fieldsMeta->isType(FieldMetadata::TYPE_TIME)- || $fieldsMeta->isType(FieldMetadata::TYPE_DATE)- || $fieldsMeta->isType(FieldMetadata::TYPE_DATETIME)- || $fieldsMeta->isType(FieldMetadata::TYPE_TIMESTAMP);- $sortDirection[$specialIndex] = $isTimeOrDate ? self::DESCENDING_SORT_DIR : self::ASCENDING_SORT_DIR;+ // Set the direction to the config value+ $sortDirection[$specialIndex] = $GLOBALS['cfg']['Order'];+ // Or perform SMART mode+ if ($GLOBALS['cfg']['Order'] === self::SMART_SORT_ORDER) {+ $isTimeOrDate = $fieldsMeta->isType(FieldMetadata::TYPE_TIME)+ || $fieldsMeta->isType(FieldMetadata::TYPE_DATE)+ || $fieldsMeta->isType(FieldMetadata::TYPE_DATETIME)+ || $fieldsMeta->isType(FieldMetadata::TYPE_TIMESTAMP);+ $sortDirection[$specialIndex] = $isTimeOrDate ? self::DESCENDING_SORT_DIR : self::ASCENDING_SORT_DIR;+ } } $sortExpressionNoDirection = array_filter($sortExpressionNoDirection);@@ -1873,16 +1870,15 @@ array $orderUrlParams, array $multiOrderUrlParams ): string {- $urlPath = Url::getFromRoute('/sql');+ $urlPath = Url::getFromRoute('/sql', $multiOrderUrlParams, false); $innerLinkContent = htmlspecialchars($fieldsMeta->name) . $orderImg . '<input type="hidden" value="' . $urlPath- . Url::getCommon($multiOrderUrlParams, str_contains($urlPath, '?') ? '&' : '?', false) . '">'; return Generator::linkOrButton(- Url::getFromRoute('/sql'),- $orderUrlParams,+ Url::getFromRoute('/sql', $orderUrlParams, false),+ null, $innerLinkContent, ['class' => 'sortlink'] );@@ -2910,7 +2906,7 @@ array $descriptions, int $numEmptyColumnsAfter ): string {- $headerHtml = '<tr>' . "\n";+ $headerHtml = '<tr class="repeating_header_row">' . 
"\n"; if ($numEmptyColumnsBefore > 0) { $headerHtml .= ' <th colspan="'@@ -2953,8 +2949,10 @@ 'db' => $this->properties['db'], 'table' => $this->properties['table'], 'where_clause' => $whereClause,+ 'where_clause_signature' => Core::signSqlQuery($whereClause), 'clause_is_unique' => $clauseIsUnique, 'sql_query' => $urlSqlQuery,+ 'sql_signature' => Core::signSqlQuery($urlSqlQuery), 'goto' => Url::getFromRoute('/sql'), ];@@ -3704,7 +3702,6 @@ $this->properties['table'] = $fieldsMeta[0]->table; }- $unsortedSqlQuery = ''; $sortByKeyData = []; // can the result be sorted? if ($displayParts['sort_lnk'] == '1' && isset($analyzedSqlResults['statement'])) {@@ -3757,7 +3754,6 @@ $headers = $this->getTableHeaders( $displayParts, $analyzedSqlResults,- $unsortedSqlQuery, $sortExpression, $sortExpressionNoDirection, $sortDirection,@@ -4184,7 +4180,7 @@ // display the Export link). if ( ($analyzedSqlResults['querytype'] === self::QUERY_TYPE_SELECT)- && empty($analyzedSqlResults['procedure'])+ && empty($analyzedSqlResults['is_procedure']) ) { if (count($analyzedSqlResults['select_tables']) === 1) { $urlParams['single_table'] = 'true';@@ -4220,7 +4216,7 @@ } return [- 'has_procedure' => ! empty($analyzedSqlResults['procedure']),+ 'has_procedure' => ! empty($analyzedSqlResults['is_procedure']), 'has_geometry' => $geometryFound, 'has_print_link' => $printLink == '1', 'has_export_link' => $analyzedSqlResults['querytype'] === self::QUERY_TYPE_SELECT,@@ -4477,9 +4473,9 @@ if ($relationalDisplay === self::RELATIONAL_KEY) { // user chose "relational key" in the display options, so // the title contains the display field- $title = htmlspecialchars($dispval ?? '');+ $title = $dispval ?? ''; } else {- $title = htmlspecialchars($data);+ $title = $data; } $tagParams = ['title' => $title];@@ -4488,8 +4484,8 @@ } $value .= Generator::linkOrButton(- Url::getFromRoute('/sql'),- $urlParams,+ Url::getFromRoute('/sql', $urlParams, false),+ null, $displayedData, $tagParams );
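Review bot: Dropping htmlspecialchars() from `$title` in the last hunk is only safe if Generator::linkOrButton() escapes every value in `$tagParams` when it renders the attributes; `$dispval` and `$data` are result-set cell contents, so an unescaped path here would be a stored XSS in the title attribute. The escaping now lives outside this diff, so a comment at the assignment, `// raw value: linkOrButton() escapes attribute values when rendering`, would stop the next reader from treating this as a regression, and a test whose display field contains `"` and `<` would pin it. The enclosing method starts and ends outside the hunk.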
Based on the provided code diff, I'll analyze the changes for potential security fixes. Here are the identified vulnerabilities and changes: 1. Vulnerability Existed: yes SQL Injection Vulnerability [File] libraries/classes/Display/Results.php [Lines] 1536-1565 [Old Code] Used direct string manipulation and regex on unsorted SQL query [Fixed Code] Replaced with Query::replaceClause() using analyzed SQL results for safer SQL construction 2. Vulnerability Existed: yes Cross-Site Scripting (XSS) Vulnerability [File] libraries/classes/Display/Results.php [Lines] 4473-4486 [Old Code] $title = htmlspecialchars($dispval ?? ''); $title = htmlspecialchars($data); [Fixed Code] $title = $dispval ?? ''; $title = $data; (Note: This appears to be a regression - the removal of htmlspecialchars might actually introduce XSS) 3. Vulnerability Existed: yes URL Parameter Tampering Vulnerability [File] libraries/classes/Display/Results.php [Lines] 2953-2954 [Old Code] 'where_clause' => $whereClause, 'sql_query' => $urlSqlQuery, [Fixed Code] 'where_clause' => $whereClause, 'where_clause_signature' => Core::signSqlQuery($whereClause), 'sql_query' => $urlSqlQuery, 'sql_signature' => Core::signSqlQuery($urlSqlQuery), Added query signature verification to prevent tampering 4. Vulnerability Existed: not sure Potential Information Disclosure [File] libraries/classes/Display/Results.php [Lines] 4180 [Old Code] empty($analyzedSqlResults['procedure']) [Fixed Code] empty($analyzedSqlResults['is_procedure']) This change in field name might indicate more secure handling of procedure detection, but the impact is unclear 5. Vulnerability Existed: not sure Potential Clickjacking Vulnerability [File] libraries/classes/Display/Results.php [Lines] 2910 [Old Code] $headerHtml = '<tr>' . "\n"; [Fixed Code] $headerHtml = '<tr class="repeating_header_row">' . 
"\n"; Added class name might be related to security headers or frame-busting, but purpose is unclear Note: The change that removed htmlspecialchars() in point 2 appears to be a security regression rather than a fix, potentially introducing XSS vulnerabilities where previously there were none. This might warrant further investigation.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Encoding.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Encoding.php@@ -4,6 +4,7 @@ namespace PhpMyAdmin;+use function array_filter; use function array_intersect; use function array_map; use function explode;@@ -14,11 +15,16 @@ use function function_exists; use function fwrite; use function iconv;+use function is_string; use function mb_convert_encoding; use function mb_convert_kana; use function mb_detect_encoding; use function mb_list_encodings;+use function preg_replace; use function recode_string;+use function str_contains;+use function str_starts_with;+use function strtoupper; use function tempnam; use function unlink;@@ -190,7 +196,16 @@ return recode_string($src_charset . '..' . $dest_charset, $what); case self::ENGINE_ICONV:- return iconv($src_charset, $dest_charset . ($GLOBALS['cfg']['IconvExtraParams'] ?? ''), $what);+ $iconvExtraParams = '';+ if (+ isset($GLOBALS['cfg']['IconvExtraParams'])+ && is_string($GLOBALS['cfg']['IconvExtraParams'])+ && str_starts_with($GLOBALS['cfg']['IconvExtraParams'], '//')+ ) {+ $iconvExtraParams = $GLOBALS['cfg']['IconvExtraParams'];+ }++ return iconv($src_charset, $dest_charset . $iconvExtraParams, $what); case self::ENGINE_MB: return mb_convert_encoding($what, $dest_charset, $src_charset);@@ -343,7 +358,14 @@ /* Most engines do not support listing */ if (self::$engine != self::ENGINE_MB) {- return $GLOBALS['cfg']['AvailableCharsets'];+ return array_filter($GLOBALS['cfg']['AvailableCharsets'], static function (string $charset): bool {+ // Removes any ignored character+ $normalizedCharset = strtoupper((string) preg_replace(['/[^A-Za-z0-9\-\/]/'], '', $charset));++ // The character set ISO-2022-CN-EXT can be vulnerable (CVE-2024-2961).+ return ! str_contains($normalizedCharset, 'ISO-2022-CN-EXT')+ && ! 
str_contains($normalizedCharset, 'ISO2022CNEXT');+ }); } return array_intersect(
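Review bot: The CVE-2024-2961 filter in the last hunk only trims the list returned to callers of the listing method; the conversion path in the second hunk still hands `$src_charset` and `$dest_charset` to iconv() unfiltered, so a caller that takes the charset name from the request rather than from this list can still select ISO-2022-CN-EXT. Applying the same normalised check before the iconv() call (or validating the requested charset against the filtered list at the controller) closes that gap; the callers are not visible from here. The `str_starts_with('//')` check on IconvExtraParams is also worth a comment saying it is a shape check rather than a whitelist: it admits any suffix iconv accepts, which is fine for glibc's `//TRANSLIT` and `//IGNORE` but does not constrain the value further.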
Here's the analysis of the provided code diff for security fixes: 1. Vulnerability Existed: yes **Insecure Parameter Handling in iconv Conversion** [libraries/classes/Encoding.php] [Lines 190-197] [Old Code] `return iconv($src_charset, $dest_charset . ($GLOBALS['cfg']['IconvExtraParams'] ?? ''), $what);` [Fixed Code] ``` $iconvExtraParams = ''; if ( isset($GLOBALS['cfg']['IconvExtraParams']) && is_string($GLOBALS['cfg']['IconvExtraParams']) && str_starts_with($GLOBALS['cfg']['IconvExtraParams'], '//') ) { $iconvExtraParams = $GLOBALS['cfg']['IconvExtraParams']; } return iconv($src_charset, $dest_charset . $iconvExtraParams, $what); ``` 2. Vulnerability Existed: yes **CVE-2024-2961 (Vulnerable Character Set Handling)** [libraries/classes/Encoding.php] [Lines 343-358] [Old Code] `return $GLOBALS['cfg']['AvailableCharsets'];` [Fixed Code] ``` return array_filter($GLOBALS['cfg']['AvailableCharsets'], static function (string $charset): bool { // Removes any ignored character $normalizedCharset = strtoupper((string) preg_replace(['/[^A-Za-z0-9\-\/]/'], '', $charset)); // The character set ISO-2022-CN-EXT can be vulnerable (CVE-2024-2961). return ! str_contains($normalizedCharset, 'ISO-2022-CN-EXT') && ! str_contains($normalizedCharset, 'ISO2022CNEXT'); }); ``` The changes address two security issues: 1. The first fix properly validates and sanitizes the `IconvExtraParams` parameter before using it in iconv conversion, preventing potential injection vulnerabilities. 2. The second fix explicitly filters out the vulnerable ISO-2022-CN-EXT character set (CVE-2024-2961) from the available character sets, along with its alternative naming format.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Gis/GisVisualizationTest.php+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Gis/GisVisualizationTest.php@@ -39,19 +39,16 @@ ], ] );- $this->assertSame(- [- 'scale' => 1,- 'x' => -300.0,- 'y' => -225.0,- 'minX' => 0.0,- 'maxX' => 0.0,- 'minY' => 0.0,- 'maxY' => 0.0,- 'height' => 450,- ],- $dataSet- );+ self::assertSame([+ 'scale' => 1,+ 'x' => -300.0,+ 'y' => -225.0,+ 'minX' => 0.0,+ 'maxX' => 0.0,+ 'minY' => 0.0,+ 'maxY' => 0.0,+ 'height' => 450,+ ], $dataSet); $dataSet = $this->callFunction( $gis, GisVisualization::class,@@ -66,20 +63,40 @@ ], ] );- $this->assertSame(- [- 'scale' => 2.1,- 'x' => -45.35714285714286,- 'y' => 42.85714285714286,- 'minX' => 17.0,- 'maxX' => 178.0,- 'minY' => 50.0 ,- 'maxY' => 250.0,- 'height' => 450,-- ],- $dataSet- );+ self::assertSame([+ 'scale' => 2.1,+ 'x' => -45.35714285714286,+ 'y' => 42.85714285714286,+ 'minX' => 17.0,+ 'maxX' => 178.0,+ 'minY' => 50.0 ,+ 'maxY' => 250.0,+ 'height' => 450,++ ], $dataSet);++ // Regression test for bug with 0.0 sentinel values+ $dataSet = $this->callFunction(+ $gis,+ GisVisualization::class,+ 'scaleDataSet',+ [+ [+ ['abc' => 'MULTIPOLYGON(((0 0,0 3,3 3,3 0,0 0),(1 1,1 2,2 2,2 1,1 1)))'],+ ['abc' => 'MULTIPOLYGON(((10 10,10 13,13 13,13 10,10 10),(11 11,11 12,12 12,12 11,11 11)))'],+ ],+ ]+ );+ self::assertSame([+ 'scale' => 32.30769230769231,+ 'x' => -2.7857142857142865,+ 'y' => -0.4642857142857143,+ 'minX' => 0.0,+ 'maxX' => 13.0,+ 'minY' => 0.0,+ 'maxY' => 13.0,+ 'height' => 450,+ ], $dataSet); } /**@@ -102,7 +119,7 @@ ] );- $this->assertEquals('SELECT ASTEXT(`abc`) AS `abc`, SRID(`abc`) AS `srid` FROM () AS `temp_gis`', $queryString);+ self::assertSame('SELECT ASTEXT(`abc`) AS `abc`, SRID(`abc`) AS `srid` FROM () AS `temp_gis`', $queryString); } /**@@ -125,7 +142,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT 
ST_ASTEXT(`abc`) AS `abc`, ST_SRID(`abc`) AS `srid` FROM () AS `temp_gis`', $queryString );@@ -151,7 +168,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT ST_ASTEXT(`abc`) AS `abc`, ST_SRID(`abc`) AS `srid` FROM (SELECT 1 FROM foo) AS `temp_gis`', $queryString );@@ -178,7 +195,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT `country name`, ST_ASTEXT(`country_geom`) AS `country_geom`,' . ' ST_SRID(`country_geom`) AS `srid` FROM () AS `temp_gis`', $queryString@@ -205,7 +222,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT ST_ASTEXT(`abc`) AS `abc`, ST_SRID(`abc`) AS `srid` FROM () AS `temp_gis` LIMIT 0, 10', $queryString );@@ -225,7 +242,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT ST_ASTEXT(`abc`) AS `abc`, ST_SRID(`abc`) AS `srid` FROM () AS `temp_gis` LIMIT 10, 15', $queryString );@@ -251,7 +268,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT ST_ASTEXT(`abc`, \'axis-order=long-lat\') AS `abc`, ST_SRID(`abc`) AS `srid` FROM () AS `temp_gis`', $queryString );@@ -277,7 +294,7 @@ ] );- $this->assertEquals(+ self::assertSame( 'SELECT ST_ASTEXT(`abc`) AS `abc`, ST_SRID(`abc`) AS `srid` FROM () AS `temp_gis`', $queryString );
After analyzing the provided code diff, I don't find any security vulnerabilities being fixed. The changes appear to be primarily test case improvements and assertions being updated from `assertEquals` to `assertSame` for more strict comparison. Here's the analysis: 1. Vulnerability Existed: no No security vulnerability [test/classes/Gis/GisVisualizationTest.php] [Various lines] The changes are test improvements and assertion style updates 2. Vulnerability Existed: no No security vulnerability [test/classes/Gis/GisVisualizationTest.php] [Added regression test] The added regression test for 0.0 sentinel values appears to be a test case improvement, not a security fix The main changes in this diff are: 1. Changing assertion methods from `assertEquals` to `assertSame` for more strict comparisons 2. Adding a new regression test case for handling 0.0 values 3. Formatting improvements in the test assertions None of these changes appear to address security vulnerabilities but rather improve test reliability and coverage. The changes are focused on the test suite rather than production code.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/classes/Plugins/TwoFactor/KeyTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/classes/Plugins/TwoFactor/KeyTest.php
@@ -40,6 +40,6 @@
                 'index' => 0,
             ],
         ];
-        $this->assertEquals($expected, $actual);
+        self::assertEquals($expected, $actual);
     }
 }
After analyzing the provided code diff, here's the security assessment: Vulnerability Existed: no [No specific vulnerability] [test/classes/Plugins/TwoFactor/KeyTest.php] [Lines 40] [Old Code] $this->assertEquals($expected, $actual); [Fixed Code] self::assertEquals($expected, $actual); Explanation: The change is purely a test code improvement, changing from instance method call (`$this->`) to static method call (`self::`). This doesn't represent a security fix but rather a code quality improvement in the test suite. The functionality remains identical, and there's no security vulnerability being addressed here.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/libraries/classes/Query/Compatibility.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/libraries/classes/Query/Compatibility.php
@@ -5,6 +5,7 @@
 namespace PhpMyAdmin\Query;
 
 use PhpMyAdmin\DatabaseInterface;
+use PhpMyAdmin\Dbal\DbalInterface;
 use PhpMyAdmin\Util;
 
 use function in_array;
@@ -19,6 +20,7 @@
  */
 class Compatibility
 {
+    /** @return mixed[][] */
     public static function getISCompatForGetTablesFull(array $eachTables, string $eachDatabase): array
     {
         foreach ($eachTables as $table_name => $_) {
@@ -253,4 +255,18 @@
     {
         return $isMariaDb && $version >= 100402 || ! $isMariaDb && $version >= 50706;
     }
+
+    /** @return non-empty-string */
+    public static function getShowBinLogStatusStmt(DbalInterface $dbal): string
+    {
+        if ($dbal->isMySql() && $dbal->getVersion() >= 80200) {
+            return 'SHOW BINARY LOG STATUS';
+        }
+
+        if ($dbal->isMariaDB() && $dbal->getVersion() >= 100502) {
+            return 'SHOW BINLOG STATUS';
+        }
+
+        return 'SHOW MASTER STATUS';
+    }
 }
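Review bot: getShowBinLogStatusStmt() carries only a `@return` tag, and the cut-offs 80200 and 100502 are magic numbers a reader cannot check without the vendors' release notes; the docblock should say what they stand for, presumably that MySQL 8.2 deprecated SHOW MASTER STATUS in favour of SHOW BINARY LOG STATUS and that MariaDB 10.5.2 introduced SHOW BINLOG STATUS, with a note that the legacy statement is returned for anything else. The two branches test isMySql() and isMariaDB() separately, so a server that reports neither silently falls through to `SHOW MASTER STATUS`; a comment on that final return, `// legacy statement: older servers and unrecognised forks`, makes clear the fallthrough is intended.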
I'll analyze the code diff and provide the security findings following the specified format. 1. Vulnerability Existed: not sure [Potential SQL Injection Prevention] [libraries/classes/Query/Compatibility.php] [Lines 257-269] [Old Code] (None - this is a new method) [Fixed Code] public static function getShowBinLogStatusStmt(DbalInterface $dbal): string { if ($dbal->isMySql() && $dbal->getVersion() >= 80200) { return 'SHOW BINARY LOG STATUS'; } if ($dbal->isMariaDB() && $dbal->getVersion() >= 100502) { return 'SHOW BINLOG STATUS'; } return 'SHOW MASTER STATUS'; } Additional Details: - The new method appears to be implementing proper version checking before returning SQL statements, which could help prevent SQL injection by ensuring the correct syntax is used for the specific database version. - The method is properly typed with return type hints and uses the DbalInterface for database operations, which typically includes proper escaping mechanisms. - However, without seeing the actual vulnerability being fixed, I can't be certain this was specifically added for security reasons. 2. Vulnerability Existed: no [Code Quality Improvement] [libraries/classes/Query/Compatibility.php] [Lines 19] [Old Code] public static function getISCompatForGetTablesFull(array $eachTables, string $eachDatabase): array [Fixed Code] /** @return mixed[][] */ public static function getISCompatForGetTablesFull(array $eachTables, string $eachDatabase): array Additional Details: - This change only adds a return type annotation and doesn't appear to be security-related. - It improves code documentation but doesn't fix any security vulnerability.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.
--- /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_1/phpmyadmin-RELEASE_5_2_1/test/selenium/Table/CreateTest.php
+++ /root/PatchLeaks-main/products/phpmyadmin_downloads/RELEASE_5_2_2/phpmyadmin-RELEASE_5_2_2/test/selenium/Table/CreateTest.php
@@ -18,11 +18,7 @@
 parent::setUp();
 $this->login();
- $this->waitForElement('partialLinkText', 'Databases')->click();
- $this->waitAjax();
-
- // go to specific database page
- $this->waitForElement('partialLinkText', $this->databaseName)->click();
+ $this->navigateDatabase($this->databaseName);
 }
 /**
@@ -108,79 +104,38 @@
 $this->waitForElement('id', 'table_structure_id');
 // make assertions for first row
- $this->assertStringContainsString(
- 'test_id',
- $this->byCssSelector('label[for=checkbox_row_1]')->getText()
- );
+ self::assertStringContainsString('test_id', $this->byCssSelector('label[for=checkbox_row_1]')->getText());
- $this->assertEquals(
- 'int(14)',
- $this->getCellByTableId('tablestructure', 1, 4)
- );
+ self::assertEquals('int(14)', $this->getCellByTableId('tablestructure', 1, 4));
- $this->assertEquals(
- 'UNSIGNED',
- $this->getCellByTableId('tablestructure', 1, 6)
- );
+ self::assertEquals('UNSIGNED', $this->getCellByTableId('tablestructure', 1, 6));
- $this->assertEquals(
- 'No',
- $this->getCellByTableId('tablestructure', 1, 7)
- );
+ self::assertEquals('No', $this->getCellByTableId('tablestructure', 1, 7));
- $this->assertEquals(
- 'None',
- $this->getCellByTableId('tablestructure', 1, 8)
- );
- $this->assertEquals(
- 'comm1',
- $this->getCellByTableId('tablestructure', 1, 9)
- );
+ self::assertEquals('None', $this->getCellByTableId('tablestructure', 1, 8));
+ self::assertEquals('comm1', $this->getCellByTableId('tablestructure', 1, 9));
- $this->assertEquals(
- 'AUTO_INCREMENT',
- $this->getCellByTableId('tablestructure', 1, 10)
- );
+ self::assertEquals('AUTO_INCREMENT', $this->getCellByTableId('tablestructure', 1, 10));
- $this->assertFalse(
- $this->isElementPresent(
- 'cssSelector',
- 'table#tablestructure tbody tr:nth-child(1) "
- . "ul.table-structure-actions li.primary a'
- )
- );
+ self::assertFalse($this->isElementPresent(
+ 'cssSelector',
+ 'table#tablestructure tbody tr:nth-child(1) ul li.primary a'
+ ));
 // make assertions for second row
- $this->assertStringContainsString(
- 'test_column',
- $this->byCssSelector('label[for=checkbox_row_2]')->getText()
- );
+ self::assertStringContainsString('test_column', $this->byCssSelector('label[for=checkbox_row_2]')->getText());
- $this->assertEquals(
- 'varchar(10)',
- $this->getCellByTableId('tablestructure', 2, 4)
- );
+ self::assertEquals('varchar(10)', $this->getCellByTableId('tablestructure', 2, 4));
- $this->assertEquals(
- 'utf8mb4_general_ci',
- $this->getCellByTableId('tablestructure', 2, 5)
- );
+ self::assertEquals('utf8mb4_general_ci', $this->getCellByTableId('tablestructure', 2, 5));
- $this->assertEquals(
- 'Yes',
- $this->getCellByTableId('tablestructure', 2, 7)
- );
+ self::assertEquals('Yes', $this->getCellByTableId('tablestructure', 2, 7));
- $this->assertEquals(
- 'def',
- $this->getCellByTableId('tablestructure', 2, 8)
- );
+ self::assertEquals('def', $this->getCellByTableId('tablestructure', 2, 8));
- $this->assertFalse(
- $this->isElementPresent(
- 'cssSelector',
- 'css=ul.table-structure-actions:nth-child(2) li.primary a'
- )
- );
+ self::assertTrue($this->isElementPresent(
+ 'cssSelector',
+ 'table#tablestructure tbody tr:nth-child(2) ul li.primary a'
+ ));
 }
 }
After analyzing the provided code diff, I don't find any clear security vulnerabilities being fixed. The changes appear to be primarily test code refactoring and assertion improvements. Here's the analysis: 1. Vulnerability Existed: no Test Code Refactoring [File] test/selenium/Table/CreateTest.php [Lines] 18-23 Old Code: ```php $this->waitForElement('partialLinkText', 'Databases')->click(); $this->waitAjax(); $this->waitForElement('partialLinkText', $this->databaseName)->click(); ``` Fixed Code: ```php $this->navigateDatabase($this->databaseName); ``` 2. Vulnerability Existed: no Test Assertion Improvements [File] test/selenium/Table/CreateTest.php [Lines] Various Old Code: ```php $this->assertFalse( $this->isElementPresent( 'cssSelector', 'css=ul.table-structure-actions:nth-child(2) li.primary a' ) ); ``` Fixed Code: ```php self::assertTrue($this->isElementPresent( 'cssSelector', 'table#tablestructure tbody tr:nth-child(2) ul li.primary a' )); ``` The changes are focused on: 1. Replacing manual navigation steps with a helper method (`navigateDatabase`) 2. Changing assertion styles from `$this->` to `self::` 3. Fixing CSS selector strings 4. Changing some assertions from `assertFalse` to `assertTrue` with corrected selectors These appear to be test quality improvements rather than security fixes. No security vulnerabilities were identified in this diff.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the check tables feature. A crafted table or database name could be used for XSS.
An issue was discovered in phpMyAdmin 5.x before 5.2.2. An XSS vulnerability has been discovered for the Insert tab.