Make WordPress Core

Opened 13 years ago

Closed 11 years ago

Last modified 11 years ago

#17445 closed defect (bug) (invalid)

Give a speed kick to combined is_serialized() + is_serialized_string() + maybe_unserialize() usage

Reported by: hakre's profile hakre Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.2
Component: General Keywords:
Focuses: Cc:


In #17129 is_serialized_string() has been speed up by 23%. That was for the function itself.

However, that function is used in contexts that make the call to is_serialized() directly or indirectly via maybe_unserialize().

Most often these calls are redundant and must not be done at all.

If preconditions are already met, is_serialized_string() can be replaced with a simple check for the 's' or 'S' format and maybe_unserialize() can be replaced with @unserialize($data) as that's the code executed in maybe_unserialize() when is_serialze() had returned true on $data;

Attachments (1)

17445.patch (3.7 KB) - added by hakre 13 years ago.

Download all attachments as: .zip

Change History (5)

13 years ago

#1 @hakre
13 years ago

Added a patch. Technically it would allow to deprecate is_serialized_string() as it is not needed any longer by core.

Next to that I suggest to remove the trim() from is_serialized() as maybe_serialize() does not unserialize on trimmed but on untrimmed data. Technically it does fail on untrimmed data which has been reported as being serialized by is_serialize().

Related: #17375

Last edited 13 years ago by hakre (previous) (diff)

#2 @scribu
13 years ago

@unserialize() is not an acceptable solution.

#3 @c3mdigital
11 years ago

  • Resolution set to invalid
  • Status changed from new to closed

See comment in #16504 regarding security implications.

#4 @SergeyBiryukov
11 years ago

  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.