WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 months ago

#18953 closed defect (bug) (invalid)

String index handling mistake in TinyMCE's JSON.php causes a PHP "Notice" message

Reported by: carlosman Owned by: azaozz
Milestone: Priority: normal
Severity: normal Version: 3.2.1
Component: TinyMCE Keywords: has-patch
Focuses: Cc:

Description

In the SpellChecker plugin for TinyMCE with a PHP backend, in file JSON.php, in lines 332 ("read" function) and 350 ("peek" function), the $this->_data string index ($this->_pos) is compared with $this->_data string length ($this->_len). These allow errors in lines 339 and 351 of their respective functions, when the $this->_pos index gets to be equal to the length of the string. This situation generates the following messages to show up in PHP servers configured to show notice-level debug information:

Notice: Uninitialized string offset: <length of _data> in <WordPress path>/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/JSON.php on line 351

Notice: Uninitialized string offset: <length of _data> in <WordPress path>/wp-includes/js/tinymce/plugins/spellchecker/classes/utils/JSON.php on line 339

I will attach a patch file to illustrate how I solved this situation.

Attachments (1)

JSON.php.diff (631 bytes) - added by carlosman 3 years ago.

Download all attachments as: .zip

Change History (6)

carlosman3 years ago

comment:1 SergeyBiryukov3 years ago

  • Keywords has-patch added

comment:2 carlosman2 years ago

  • Severity changed from trivial to normal

comment:3 SergeyBiryukov2 years ago

Should probably be reported upstream?

comment:4 SergeyBiryukov2 years ago

  • Owner set to azaozz
  • Status changed from new to reviewing

comment:5 azaozz3 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from reviewing to closed

The bug still exists but we don't use the spellchecker plugin any more. A ticket on TinyMCE's bug tracker would be better.

Note: See TracTickets for help on using tickets.