Opened 10 years ago
Closed 10 years ago
#31554 closed defect (bug) (duplicate)
Setting FS_METHOD,FTP_USR etc in wp-config.php with missing wp-content/languages directory leads to SegFaults
Reported by: | jobst | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.1 |
Component: | Filesystem API | Keywords: | |
Focuses: | Cc: |
Description
Hi!
I had the problem discribed in the subject line on a couple of websites using themes by rockettheme. At first I thought it is based on the themes and plugins I was using. To be sure I tried this with a fresh install of WP 4.1.1. I found that I could reproduce the problem I have described in the subject line with a fresh install.
PROBLEM DESCRIPTION:
- A freshly installed wordpress site that has the FTP CONSTANTS set in wp-config.php will create SEG-FAULT message in error_log of the apache log files when accessing Setting -> General
- A fresh install will fail on deletion of an installed plugin and display a page with either "zero reply" or "browser error" if the FTP CONSTANTS are set in wp-config.php
- both issues use the same function call leading to the errors.
- the name of the function is "fs_connect"
SYSTEM:
- LAMP
- 2.6.18-400.1.1.el5.centos.plus
- PHP 5.3.29
- Apache/2.2.3
- MYSQL 5.5.37
- WP 4.1.1 (fresh install)
HOW TO REPRODUCE:
- install a fresh WP 4.1.1 version
- open website and follow all of the prompts to install site, create admin etc
- log into the site using the just created admin
- go to the admin panel using http://YOUR_SITEDOMAIN/wp-admin/
- click on Setting -> General
- everything works fine
- now add the FTP stuff as shown in http://codex.wordpress.org/Editing_wp-config.php to wp-config.php
- click on Setting -> General
- page has display problems, not updated properly, sometimes it says " .... zero reply .... "
- a SEG-FAULT message is produced, e.g. [Sat Mar 07 15:50:51 2015] [notice] child pid 15422 exit signal Segmentation fault (11)
- now go to /PATH_TO_WP_INSTALL/wp-content
- add a directory with the name of "languages"
- click on Setting -> General
- no problem, no seg fault, page is displayed properly and refreshed
MY RESEARCH INTO THIS:
It took me some tracing to find that the error was created in /PATH_TO_WP_INSTALL/wp-admin/includes/class-wp-upgrader.php in the function fs_connect in the switch statement "default" case. I included a debug statement in that function right at he beginning to see what path generated this error:
error_log(" FS_CONNECT: ".print_r($directories,1));
which gave me this output on fail:
[07-Mar-2015 06:44:40 UTC] FS_CONNECT: Array ( [0] => /PATHDELETED/wp-content [1] => /PATHDELETED/wp-content/languages )
while the error_log displayed this:
[Sat Mar 07 17:44:40 2015] [notice] child pid 578 exit signal Segmentation fault (11)
It took me some time to get to the real problem:
- When the function "fs_connect" (see a couple of lines above) is called, it calls a function find_folder($dir) where $dir is (when the seg fault is called) "/PATHDELETED/wp-content/languages".
- find_folder resides in /PATHDELETED/wp-admin/includes/class-wp-filesystem-base.php on line 222. If this function cannot find the folder after some 30 lines of code tried to find it, the function employs another function called "seach_for_folder()" which is in the same file on line 291.
- Right at the start of that function "seach_for_folder()" there is an if statement checking whether $base is empty or '.', if either it sets
$base = railingslashit($this->cwd());
which actually is the bug.
- all trailingslashit does appending a "/" to the end of the string returned by $this->cwd() - however $this->cwd() returns a string that includes a "\n", this crashes wordpress with a segfault so in fact the return string has a newline character in between the string and the /
FAULTY EXAMPLE
if ( empty( $base ) || '.' == $base ) $base = trailingslashit($this->cwd()); error_log("BASE: ".$base); BASE: /home/ssh_user_name /
CHANGED CODE TO FIX THE BUG:
if ( empty( $base ) || '.' == $base ) { $tmp=$this->cwd(); $tmp=preg_replace("/[\r\n\m\t]/","",$tmp); $base = trailingslashit($tmp); } echo "BASE: $base" BASE: /home/ssh_user_name/
The last example does not SEGFAULT the system.
There is a secondary issue with this, due to the failure (SEG FAULT) of the script no error is returned to the caller, in this case "/wp-admin/options-general.php", the user will not see the problem other than after "Timezone" nothing is diplayed and the button "Save Changes" is missing.
Since the deletion of a plugin calls "fs-connect" is has the same problem.
jobst
Hello @jobst,
thanks for your first ticket! We already have #30802 which mentions a failure on
/wp-admin/options-general.php
but we haven't enough infomation to track it down, until now.Could you please add your results as a comment on #30802 so we can close this one as a duplicate? Thanks!