Subject: [PATCH] Perform json_validate before json_decode on REST API request data
---
Index: src/wp-includes/rest-api/class-wp-rest-request.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
diff --git a/src/wp-includes/rest-api/class-wp-rest-request.php b/src/wp-includes/rest-api/class-wp-rest-request.php
--- a/src/wp-includes/rest-api/class-wp-rest-request.php	(revision bacdb2f89e471b96bba7e15862e20fbee6e4eab8)
+++ b/src/wp-includes/rest-api/class-wp-rest-request.php	(date 1706623616516)
@@ -682,6 +682,11 @@
 			return true;
 		}
 
+		// Perform validation if json_validate is available.
+		if ( function_exists( 'json_validate' ) && json_validate( $body, true ) === false ) {
+			return new WP_Error( 'rest_invalid_json', 'Invalid JSON body passed.' );
+		}
+
 		$params = json_decode( $body, true );
 
 		/*