WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 4 years ago

#10665 closed defect (bug) (fixed)

Protect XMLRPC against failures when WP_DEBUG enabled

Reported by: redsweater Owned by: westi
Milestone: 3.1 Priority: normal
Severity: normal Version:
Component: XML-RPC Keywords: has-patch
Focuses: Cc:

Description

Further protections for xmlrpc.php to guard against errors that are printed when WP_DEBUG is enabled.

The attached patch protects against failures that occur when the optional parameters for enclosures, categories, and ping urls are omitted by the client.

Attachments (2)

XMLRPCSafety.diff (3.1 KB) - added by redsweater 6 years ago.
10665.diff (7.2 KB) - added by sorich87 5 years ago.

Download all attachments as: .zip

Change History (10)

comment:1 @redsweater6 years ago

  • Cc jalkut@… added
  • Component changed from General to XML-RPC
  • Owner set to josephscott

@redsweater6 years ago

comment:2 @redsweater6 years ago

I altered the patch to be especially careful that the variables being initialized are set to the same default values they would have received previously. In particular, the problematic array lookups yield initial values of NULL, which I now set explicitly as the fallback value in case the array items don't exist.

I switched from using "!empty" to "isset", so that the logic is identical to before: if the array element is set at all, it is used to initialize the variable. If it's not set, then NULL is used. For categories, an empty array is the default initialized value, which matches previous behavior as well.

comment:3 @nacin5 years ago

  • Milestone changed from Unassigned to 3.0

comment:4 @nacin5 years ago

  • Milestone changed from 3.0 to 3.1
  • Status changed from new to assigned

comment:5 @nacin5 years ago

  • Keywords needs-refresh added; has-patch removed
  • Milestone changed from Awaiting Triage to 3.1

@sorich875 years ago

comment:6 @sorich875 years ago

  • Keywords has-patch added; needs-refresh removed

comment:7 @westi5 years ago

  • Owner changed from josephscott to westi

I'll look into getting these committed

comment:8 @automattor4 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [16824]) Work around some unset variable notices in xmlrpc.php. props redsweater. props sorich87. fixes #10665

Note: See TracTickets for help on using tickets.