Make WordPress Core

Changeset 53307


Ignore:
Timestamp:
04/29/2022 04:48:13 AM (3 years ago)
Author:
peterwilsoncc
Message:

Media: Validate track number ID3 tags before use.

Validate current and total track ID3 tags as numeric before use.

Props mjkhajeh, SergeyBiryukov, costdev.
Fixes #55204.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/media.php

    r53229 r53307  
    362362            $track_number = explode( '/', $meta['track_number'] );
    363363
    364             if ( isset( $track_number[1] ) ) {
    365                 /* translators: Audio file track information. 1: Audio track number, 2: Total audio tracks. */
    366                 $content .= ' ' . sprintf( __( 'Track %1$s of %2$s.' ), number_format_i18n( $track_number[0] ), number_format_i18n( $track_number[1] ) );
    367             } else {
    368                 /* translators: Audio file track information. %s: Audio track number. */
    369                 $content .= ' ' . sprintf( __( 'Track %s.' ), number_format_i18n( $track_number[0] ) );
     364            if ( is_numeric( $track_number[0] ) ) {
     365                if ( isset( $track_number[1] ) && is_numeric( $track_number[1] ) ) {
     366                    $content .= ' ' . sprintf(
     367                        /* translators: Audio file track information. 1: Audio track number, 2: Total audio tracks. */
     368                        __( 'Track %1$s of %2$s.' ),
     369                        number_format_i18n( $track_number[0] ),
     370                        number_format_i18n( $track_number[1] )
     371                    );
     372                } else {
     373                    $content .= ' ' . sprintf(
     374                        /* translators: Audio file track information. %s: Audio track number. */
     375                        __( 'Track %s.' ),
     376                        number_format_i18n( $track_number[0] )
     377                    );
     378                }
    370379            }
    371380        }
Note: See TracChangeset for help on using the changeset viewer.