WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#12836 closed defect (bug) (fixed)

_deep_replace can cause infinite loop

Reported by: mdawaffe Owned by:
Milestone: 3.0 Priority: low
Severity: major Version: 3.0
Component: General Keywords: has-patch commit
Focuses: Cc:

Description

Calling _deep_replace( $search, $subject ) on an array $subject can cause an infinite loop since strpos( array(), 'foo' ) will return NULL.

Patch attached.

Attachments (1)

12836.diff (393 bytes) - added by mdawaffe 4 years ago.

Download all attachments as: .zip

Change History (4)

mdawaffe4 years ago

comment:1 follow-up: nacin4 years ago

Sounds like that's incorrect use as it only wants a string, but that said, seems like a fine defensive check to me.

comment:2 nacin4 years ago

  • Resolution set to fixed
  • Status changed from new to closed

Wrong ticket referenced:

(In [13983]) Cast subject of _deep_replace() to string to prevent an infinite loop. props mdawaffe, fixes #12386

comment:3 in reply to: ↑ 1 mdawaffe4 years ago

Replying to nacin:

Sounds like that's incorrect use as it only wants a string, but that said, seems like a fine defensive check to me.

It is an incorrect use. I came across the problem when I accidentally did esc_url( get_post_meta( ... ) ) (since get_post_meta returns an array by default).

Note: See TracTickets for help on using tickets.