Make WordPress Core


Ignore:
Timestamp:
10/12/2023 12:32:43 PM (8 months ago)
Author:
jorbin
Message:

Prevent unintended behavior when certain objects are unserialized.

Props ehtis, xknown.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-wp-theme.php

    r56771 r56835  
    774774
    775775    /**
     776     * Perform reinitialization tasks.
     777     *
     778     * Prevents a callback from being injected during unserialization of an object.
     779     *
     780     * @return void
     781     */
     782    public function __wakeup() {
     783        if ( $this->parent && ! $this->parent instanceof self ) {
     784            throw new UnexpectedValueException();
     785        }
     786        if ( $this->headers && ! is_array( $this->headers ) ) {
     787            throw new UnexpectedValueException();
     788        }
     789        foreach ( $this->headers as $value ) {
     790            if ( ! is_string( $value ) ) {
     791                throw new UnexpectedValueException();
     792            }
     793        }
     794        $this->headers_sanitized = array();
     795    }
     796
     797    /**
    776798     * Adds theme data to cache.
    777799     *
     
    19191941        return strnatcasecmp( $a->name_translated, $b->name_translated );
    19201942    }
     1943
     1944    private static function _check_headers_property_has_correct_type( $headers ) {
     1945        if ( ! is_array( $headers ) ) {
     1946            return false;
     1947        }
     1948        foreach ( $headers as $key => $value ) {
     1949            if ( ! is_string( $key ) || ! is_string( $value ) ) {
     1950                return false;
     1951            }
     1952        }
     1953        return true;
     1954    }
    19211955}
Note: See TracChangeset for help on using the changeset viewer.