WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#11912 closed defect (bug) (fixed)

missing check in WP_Http_Encoding::decompress() leads to gzuncompress errors

Reported by: rowanbeentje Owned by: dd32
Milestone: 3.0 Priority: normal
Severity: normal Version: 2.9.1
Component: HTTP API Keywords: has-patch
Focuses: Cc:

Description

Hi there,

We have a custom PHP error handler which catches errors (both trigger_error'd and fatal) and files them in a tracking system; over the last few weeks we've had quite a few occurrences of "gzuncompress() : data error" thrown in WP_Http_Encoding::decompress().

When I first looked into this I found #11600, and thought that was the cause; as a result I took the http.php file from http://core.trac.wordpress.org/export/11450/trunk/wp-includes/http.php and dropped that in over the 2.9.1 version. Unfortunately that hasn't stopped the occurrences!

Fortunately our error handler captures a backtrace and some context; as a result, I can see that WP_Http_Encoding::decompress() is called with one argument: false. gzinflate simply returns false when it is passed false, but gzuncompress throws an E_WARNING.

I'm not entirely sure why decompress() is being passed false - my suspicion is that the curl request is timing out, but that decompress is called on the result anyway? I haven't followed the logic through completely…

Here's an abbreviated backtrace; let me know if you need more detail.

  1. blog/wp-cron.php:55

do_action_ref_array('do_pings', array());

  1. blog/wp-includes/plugin.php:414

call_user_func_array('do_all_pings', array());

  1. do_all_pings(array())
  2. blog/wp-includes/comment.php:1543

do_enclose(<snip>, <snip>)

  1. blog/wp-includes/functions.php:1163

wp_get_http_headers(<snip url>)

  1. blog/wp-includes/functions.php:1233

wp_remote_head(<snip url>)

  1. blog/wp-includes/http.php:1968

WP_Http::head(<snip url>, array())

  1. blog/wp-includes/http.php:366

WP_Http_Curl::request(<snip url>, array(method:head, timeout:5, redirection:5, httpversion:1.0, etc etc))

  1. blog/wp-includes/http.php:1354

WP_Http_Encoding::decompress(false)

  1. blog/wp-includes/http.php:1792

gzuncompress(false)

Attachments (1)

11912.diff (454 bytes) - added by Denis-de-Bernardy 4 years ago.

Download all attachments as: .zip

Change History (5)

comment:1 Denis-de-Bernardy4 years ago

  • Keywords needs-patch added; gzuncompress decompress http cron removed
  • Milestone changed from Unassigned to 3.0
  • Summary changed from gzuncompress errors in WP_Http_Encoding::decompress() to missing check in WP_Http_Encoding::decompress() leads to gzuncompress errors

Looks like a check is potentially missing:

http://php.net/manual/en/function.substr.php

If string is less than or equal to start characters long, FALSE will be returned.

Denis-de-Bernardy4 years ago

comment:2 Denis-de-Bernardy4 years ago

  • Keywords has-patch added; needs-patch removed

comment:3 dd324 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [12739]) Correctly set the body on Curl requests with an empty body. Add a defensive check to WP_Http_Encoding::decompress to prevent the decompression functions running on empty strings. Fixes #11912

comment:4 dd324 years ago

All the other transports set body to an empty string (rather than false or null) so i've done the same for curl.

Note: See TracTickets for help on using tickets.