Make WordPress Core

Changeset 51818


Ignore:
Timestamp:
09/15/2021 10:18:36 PM (3 years ago)
Author:
hellofromTonya
Message:

Options, Meta APIs: Fix "passing null to non-nullable" deprecations to (get|add|update|delete)_option().

In all four of the get_option(), add_option(), update_option() and delete_option() functions, the $option parameter (i.e. the option name) is passed to the PHP native trim() function without prior input validation.

In PHP 8.1, this could lead to a trim(): Passing null to parameter #1 ($string) of type string is deprecated for each of these functions.

trim():

  • expects a text string and is only useful when passed a text string as no other variable type can contain whitespace.
  • will always return a string, which means that in practice for any non-string values passed, it would effectively function as a type cast to string.

This commit:

  • Adds a check to verify the $option name is a scalar before processing it with trim().
  • The "type cast" behavior is maintained.
  • If the given $option name is not a scalar, such as null, the fix prevents the PHP 8.1 deprecation notice.
  • Tests are added for valid but undesired option names to safeguard against regressions.

This issue is already covered by:

  • the existing Tests_Option_Option::test_bad_option_names() test group.
  • the new test_valid_but_undesired_option_names() tests.

Follow-up to [13858], [22633], [23510], [25002], [51817].

Props jrf, hellofromTonya, pbearne.
See #53635.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/option.php

    r51324 r51818  
    7878    global $wpdb;
    7979
    80     $option = trim( $option );
     80    if ( is_scalar( $option ) ) {
     81        $option = trim( $option );
     82    }
     83
    8184    if ( empty( $option ) ) {
    8285        return false;
     
    379382    global $wpdb;
    380383
    381     $option = trim( $option );
     384    if ( is_scalar( $option ) ) {
     385        $option = trim( $option );
     386    }
     387
    382388    if ( empty( $option ) ) {
    383389        return false;
     
    566572    }
    567573
    568     $option = trim( $option );
     574    if ( is_scalar( $option ) ) {
     575        $option = trim( $option );
     576    }
     577
    569578    if ( empty( $option ) ) {
    570579        return false;
     
    688697    global $wpdb;
    689698
    690     $option = trim( $option );
     699    if ( is_scalar( $option ) ) {
     700        $option = trim( $option );
     701    }
     702
    691703    if ( empty( $option ) ) {
    692704        return false;
  • trunk/tests/phpunit/tests/option/option.php

    r51817 r51818  
    150150
    151151    /**
     152     * @ticket 53635
     153     *
     154     * @dataProvider data_valid_but_undesired_option_names
     155     *
     156     * @param mixed $option_name Option name.
     157     */
     158    public function test_get_option_valid_but_undesired_option_names( $option_name ) {
     159        $this->assertFalse( get_option( $option_name ) );
     160    }
     161
     162    /**
     163     * @ticket 53635
     164     *
     165     * @dataProvider data_valid_but_undesired_option_names
     166     *
     167     * @param mixed $option_name Option name.
     168     */
     169    public function test_add_option_valid_but_undesired_option_names( $option_name ) {
     170        $this->assertTrue( add_option( $option_name, '' ) );
     171    }
     172
     173    /**
     174     * @ticket 53635
     175     *
     176     * @dataProvider data_valid_but_undesired_option_names
     177     *
     178     * @param mixed $option_name Option name.
     179     */
     180    public function test_update_option_valid_but_undesired_option_names( $option_name ) {
     181        $this->assertTrue( update_option( $option_name, '' ) );
     182    }
     183
     184    /**
     185     * @ticket 53635
     186     *
     187     * @dataProvider data_valid_but_undesired_option_names
     188     *
     189     * @param mixed $option_name Option name.
     190     */
     191    public function test_delete_option_valid_but_undesired_option_names( $option_name ) {
     192        $this->assertFalse( delete_option( $option_name ) );
     193    }
     194
     195    /**
     196     * Data provider.
     197     *
     198     * @return array
     199     */
     200    public function data_valid_but_undesired_option_names() {
     201        return array(
     202            'string 123'   => array( '123' ),
     203            'integer 123'  => array( 123 ),
     204            'integer -123' => array( -123 ),
     205            'float 12.3'   => array( 12.3 ),
     206            'float -1.23'  => array( -1.23 ),
     207            'boolean true' => array( true ),
     208        );
     209    }
     210
     211    /**
    152212     * @ticket 23289
    153213     */
Note: See TracChangeset for help on using the changeset viewer.