Make WordPress Core

Ticket #42437: 42437.diff

File 42437.diff, 1.2 KB (added by pbiron, 6 years ago)

proof-of-concept patch

  • src/wp-admin/includes/file.php

    diff --git a/src/wp-admin/includes/file.php b/src/wp-admin/includes/file.php
    index b00752e..14f0588 100644
    a b function _wp_handle_upload( &$file, $overrides, $time, $action ) { 
    824824                return call_user_func_array( $upload_error_handler, array( &$file, $uploads['error'] ) );
    825825        }
    826826
     827        $name = wp_basename( $file['name'], ".$ext" );
     828        if ( preg_match( "/-\d+x\d+(?=\.{$ext}\$)/", $file['name'] ) ) {
     829                // Always append `-\d+` to file names that can potentially match other subsize file names.
     830                $i = 1;
     831                while ( is_file( "{$uploads['path']}/$name-$i.$ext" ) ) {
     832                        $i++;
     833                }
     834                $file['name'] = "$name-$i.$ext";
     835        }
     836        else {
     837                // prevent filename collisions with original filenames that contained dimension-like strings
     838                // uploaded prior to patch #xxx
     839                $collisions = glob( "{$uploads['path']}/$name-[0123456789]x[0123456789].$ext" );
     840                $i = 1;
     841                while ( ! empty( $collisions ) ) {
     842                        $collisions = glob( "{$uploads['path']}/$name-$i-[0123456789]x[0123456789].$ext" );
     843                        $i++;
     844                }
     845                $file['name'] = "$name-$i.$ext";
     846        }
     847
    827848        $filename = wp_unique_filename( $uploads['path'], $file['name'], $unique_filename_callback );
    828849
    829850        // Move the file to the uploads dir.