Changeset 62176 for trunk/src/wp-includes/embed.php

Timestamp:

03/30/2026 12:16:18 AM (2 months ago)

Author:

westonruter

Message:

Media: Guard against false return values from wp_get_attachment_image_src() and wp_getimagesize().

• Add is_array() checks before accessing return values from wp_get_attachment_image_src() in get_oembed_response_data_rich(), wp_playlist_shortcode(), and wp_prepare_attachment_for_js().
• Guard wp_getimagesize() calls within wp_get_attachment_image_src() itself.
• Ensure wp_get_attachment_image_src() always returns the expected array{0: string, 1: int, 2: int, 3: bool} type or false by normalizing the filter result with explicit type casting and default values.
• Add @phpstan-return annotations to both wp_get_attachment_image_src() and wp_getimagesize() for the specific array shapes.

Developed in ​https://github.com/WordPress/wordpress-develop/pull/11073

Props hbhalodia, westonruter, mukesh27, edent, ozgursar, roshniahuja14.
Fixes #64742.

File:

• trunk/src/wp-includes/embed.php (modified) (1 diff)

trunk/src/wp-includes/embed.php

@@ -740 +740 @@
 
     if ( $thumbnail_id ) {
-        list( $thumbnail_url, $thumbnail_width, $thumbnail_height ) = wp_get_attachment_image_src( $thumbnail_id, array( $width, 0 ) );
-        $data['thumbnail_url']                                      = $thumbnail_url;
-        $data['thumbnail_width']                                    = $thumbnail_width;
-        $data['thumbnail_height']                                   = $thumbnail_height;
+        $thumbnail_src = wp_get_attachment_image_src( $thumbnail_id, array( $width, 0 ) );
+
+        if ( is_array( $thumbnail_src ) ) {
+            $data['thumbnail_url']    = $thumbnail_src[0];
+            $data['thumbnail_width']  = $thumbnail_src[1];
+            $data['thumbnail_height'] = $thumbnail_src[2];
+        }
     }