Ticket #4692 (closed defect (bug): fixed)

Opened 5 years ago

Last modified 5 years ago

Wordpress /edit-comments.php Database Error (Bug)

Reported by: BenjaminFlesch Owned by: Nazgul
Priority: normal Milestone: 2.2.2
Component: Administration Version: 2.2.1
Severity: normal Keywords: has-patch
Cc:

Description

In /edit-comments.php, the parameter apage is not properly sanitized before it is used to calculate the rows from which WordPress tries to pull the comments.

So in case apage has a negative numerical value, WordPress throws a Database Error caused by a corrupted SQL query, which can be seen in the picture. It tries to SELECT all data from the table between rows -40 and 25, and this - of course - does not work ;)
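The offset arithmetic behind this report, as an added example (not WordPress source and not part of the ticket). The function names are hypothetical, and the page size of 20 and row count of 25 are assumptions inferred from the "-40 and 25" figures above. The hardened variant takes the absolute value, as the fix's commit message describes, and additionally maps 0 to page 1.

```php
<?php
// Added illustration, not WordPress code.
// PER_PAGE and FETCH are assumptions inferred from the report:
// apage = -1 gives (-1 - 1) * 20 = -40, with 25 rows requested.
const PER_PAGE = 20;
const FETCH    = 25;

// Models the reported behaviour: the request value reaches the
// offset arithmetic with its sign intact.
function limit_clause_unsanitized($apage): string
{
    $page  = (int) $apage;
    $start = ($page - 1) * PER_PAGE;
    return sprintf('LIMIT %d, %d', $start, FETCH);
}

// Hardened form: integer cast, absolute value, and a floor of 1 so
// the computed offset can never drop below zero.
function limit_clause_sanitized($apage): string
{
    $page  = max(1, abs((int) $apage));
    $start = ($page - 1) * PER_PAGE;
    return sprintf('LIMIT %d, %d', $start, FETCH);
}

// Constructed sample values for the apage parameter.
$samples = ['1', '3', '-1', '0', 'abc', '2.9'];

printf("%-8s %-18s %s\n", 'apage', 'unsanitized', 'sanitized');
foreach ($samples as $raw) {
    printf(
        "%-8s %-18s %s\n",
        var_export($raw, true),
        limit_clause_unsanitized($raw),
        limit_clause_sanitized($raw)
    );
}
```

MySQL rejects a negative offset in a LIMIT clause, so any row in the unsanitized column with a negative first number corresponds to the database error in the report.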

Attachments

4692.diff (402 bytes) - added by Nazgul 5 years ago.
for_22.patch (826 bytes) - added by g30rg3x 5 years ago.
For Branch 2.2

Change History

Nazgul 5 years ago

  • Keywords has-patch added
  • Owner changed from anonymous to Nazgul
  • Status changed from new to assigned
  • Milestone set to 2.3 (trunk)

comment:2 matt 5 years ago

  • Status changed from assigned to closed
  • Resolution set to fixed

(In [5836]) Absolute numbers where we will never allow negatives, fixes #4692

g30rg3x 5 years ago

For Branch 2.2

Please apply this for branch 2.2 :)

(In [5839]) Absolute numbers where we will never allow negatives, fixes #4692 for 2.2.x, thanks g30rg3x

(In [5840]) Sanitize cat_id, fixes #4692 for 2.2.x, thanks g30rg3x

  • Milestone changed from 2.3 (trunk) to 2.2.2

Doh... That last one was for #4691

Thanks for all your patches, guys. When may I expect an updated version?

-benjamin
