WordPress.org

Make WordPress Core

Ticket #16057: 16057.3.diff

File 16057.3.diff, 3.6 KB (added by wonderboymusic, 5 years ago)
  • wordpress/wp-includes/class-http.php

    diff --git wordpress/wp-includes/class-http.php wordpress/wp-includes/class-http.php
    index a9738ee..542b360 100644
    class WP_Http_Fsockopen { 
    741741                        if ( ! $stream_handle )
    742742                                return new WP_Error( 'http_request_failed', sprintf( __( 'Could not open handle for fopen() to %s' ), $r['filename'] ) );
    743743
     744                        $bytes_written = 0;
     745
    744746                        while ( ! feof($handle) ) {
    745747                                $block = fread( $handle, 4096 );
    746748                                if ( $bodyStarted ) {
    747                                         fwrite( $stream_handle, $block );
     749                                        $bytes_written += fwrite( $stream_handle, $block );
    748750                                } else {
    749751                                        $strResponse .= $block;
    750752                                        if ( strpos( $strResponse, "\r\n\r\n" ) ) {
    751753                                                $process = WP_Http::processResponse( $strResponse );
    752754                                                $bodyStarted = true;
    753                                                 fwrite( $stream_handle, $process['body'] );
     755                                                $bytes_written += fwrite( $stream_handle, $process['body'] );
    754756                                                unset( $strResponse );
    755757                                                $process['body'] = '';
    756758                                        }
    class WP_Http_Fsockopen { 
    774776
    775777                $arrHeaders = WP_Http::processHeaders( $process['headers'] );
    776778
     779                //Check the file was fully written to disk
     780                if ( $r['stream'] && isset( $arrHeaders['headers']['content-length'] ) && (int)$arrHeaders['headers']['content-length'] > $bytes_written ) {
     781                        unlink( $r['filename'] );
     782                        return new WP_Error( 'http_request_failed', __( 'Failed to write full file to disk.' ) );
     783                }
     784
    777785                // If location is found, then assume redirect and redirect to location.
    778786                if ( isset($arrHeaders['headers']['location']) && 0 !== $r['_redirection'] ) {
    779787                        if ( $r['redirection']-- > 0 ) {
    class WP_Http_Streams { 
    942950                        if ( ! $stream_handle )
    943951                                return new WP_Error( 'http_request_failed', sprintf( __( 'Could not open handle for fopen() to %s' ), $r['filename'] ) );
    944952
    945                         stream_copy_to_stream( $handle, $stream_handle );
     953                        $bytes_written = stream_copy_to_stream( $handle, $stream_handle );
    946954
    947955                        fclose( $stream_handle );
    948956                        $strResponse = '';
    class WP_Http_Streams { 
    960968                else
    961969                        $processedHeaders = WP_Http::processHeaders($meta['wrapper_data']);
    962970
     971                //Check the file was fully written to disk
     972                if ( $r['stream'] && isset( $processedHeaders['headers']['content-length'] ) ) {
     973                        if ( (int)$processedHeaders['headers']['content-length'] > $bytes_written && ! ( $bytes_written === 1 && 0 === (int) $processedHeaders['headers']['content-length'] ) ) { // PHP Bug: http://bugs.php.net/bug.php?id=47997 fixed in 5.2.10
     974                                unlink( $r['filename'] );
     975                                return new WP_Error( 'http_request_failed', __( 'Failed to write full file to disk.' ) );
     976                        }
     977                }
     978
    963979                // Streams does not provide an error code which we can use to see why the request stream stopped.
    964980                // We can however test to see if a location header is present and return based on that.
    965981                if ( isset($processedHeaders['headers']['location']) && 0 !== $args['_redirection'] )
    class WP_Http_Curl { 
    11721188
    11731189                curl_close( $handle );
    11741190
    1175                 if ( $r['stream'] )
     1191                if ( $r['stream'] ) {
    11761192                        fclose( $stream_handle );
     1193                        // Check the file was fully written to disk
     1194                        if ( isset( $theHeaders['headers']['content-length'] ) && (int)$theHeaders['headers']['content-length'] > filesize( $r['filename'] ) ) {
     1195                                unlink( $r['filename'] );
     1196                                return new WP_Error( 'http_request_failed', __( 'Failed to write full file to disk.' ) );
     1197                        }
     1198                }
    11771199
    11781200                // See #11305 - When running under safe mode, redirection is disabled above. Handle it manually.
    11791201                if ( ! empty( $theHeaders['headers']['location'] ) && 0 !== $r['_redirection'] ) { // _redirection: The requested number of redirections