WordPress.org

Make WordPress Core

Opened 4 years ago

Last modified 5 months ago

#35755 new defect (bug)

wp_tempnam produces filenames longer than 255 characters

Reported by: doems Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.4
Component: Filesystem API Keywords:
Focuses: Cc:
PR Number:

Description

Summary
Since the maximal filename length of the most filesystems out there is 255, the function should try to avoid filenames longer than 255 characters.

Reproduce
If the passed-in $filename parameter is longer than 245 characters (WordPress appends a string which has 10 characters), PHP will fail on the following line: https://github.com/WordPress/WordPress/blob/6995ec613e5f113cedea4f0481b9030f79fabc0a/wp-admin/includes/file.php#L183.

Fix

<?php
if ( strlen( $filename ) > 245 ) {
    $filename = substr( $filename, 0, 244);
}

Change History (1)

#1 @obenland
4 years ago

  • Version changed from trunk to 4.4

Introduced in [35644] for #34562.

Note: See TracTickets for help on using tickets.