The function checkWarnings() in UploadBase.php calls:
$localFile = $this->getLocalFile();
$filename = $localFile->getName();
But getLocalFile() will return null if the title of the upload is invalid for some reason (like it contains a blacklisted extension). This can cause an exception to be thrown. There should be a null check in there.
Version: 1.20.x
Severity: normal
Whiteboard: gci2014