Make WordPress Core

Opened 10 years ago

Closed 10 years ago

#29542 closed defect (bug) (fixed)

hash_equals throws a fatal error (hhvm) when a nonce is sent as an integer

Reported by: newleaves's profile newleaves Owned by:
Milestone: 4.1 Priority: low
Severity: normal Version: 4.0
Component: Plugins Keywords: has-patch needs-testing
Focuses: Cc:

Description

This is a follow-up to #29217.

can we add:

$nonce = (string) $nonce;

to the top of the wp_verify_nonce() function in /wp-includes/pluggable.php

Attachments (2)

29542.diff (1.0 KB) - added by jesin 10 years ago.
Type cast $nonce to string. Includes unit tests.
29542.2.diff (1.3 KB) - added by jesin 10 years ago.
Removes 29620, includes 29542.diff

Download all attachments as: .zip

Change History (9)

#1 @nacin
10 years ago

  • Keywords needs-patch needs-unit-tests added
  • Milestone changed from Awaiting Review to 4.1
  • Priority changed from normal to low

@jesin
10 years ago

Type cast $nonce to string. Includes unit tests.

#2 @jesin
10 years ago

  • Keywords has-patch needs-testing added; needs-patch needs-unit-tests removed

Patch 29542.diff's unit test would error on PHP 5.6 without the type cast.

#3 follow-up: @nacin
10 years ago

We can likely revert [29620/trunk/src] in the process.

@jesin
10 years ago

Removes 29620, includes 29542.diff

#4 @jesin
10 years ago

Patch 29542.2.diff reverts [29620/trunk/src]. Now null becomes a string "null".

I think that shouldn't be a problem.

#5 @nacin
10 years ago

(string) null is an empty string.

#6 in reply to: ↑ 3 @ocean90
10 years ago

Replying to nacin:

We can likely revert [29620/trunk/src] in the process.

Sure, it will be a string, but still empty. I think it's okay to bail earlier if nothing exists to compare against.

#7 @ocean90
10 years ago

  • Resolution set to fixed
  • Status changed from new to closed

In 30576:

Type cast $nonce to string in wp_verify_nonce().

props jesin.
fixes #29542.

Note: See TracTickets for help on using tickets.