WordPress.org
Get WordPress

Make WordPress Core

Opened 6 years ago

Closed 6 years ago

#45299 closed defect (bug) (fixed)

`wpdb->last_result` may not be countable

Reported by: desrosj's profile desrosj Owned by:
Milestone: 5.0 Priority: normal
Severity: normal Version:
Component: Database Keywords: php73 has-patch has-unit-tests fixed-5.0
Focuses: Cc:

Description

In wpdb->get_col(), $wpdb->last_result may be null or an empty string, which are uncountable values.

This can be triggered by passing an empty query string as a query.

Props @spacedmonkey for pointing this out.

Attachments (4)

45299.diff (593 bytes) - added by spacedmonkey 6 years ago.
45299-bug1.diff (866 bytes) - added by spacedmonkey 6 years ago.
45299.2.diff (1.3 KB) - added by desrosj 6 years ago.
45299.3.diff (4.1 KB) - added by desrosj 6 years ago.
Add some unit tests.

Download all attachments as: .zip

Change History (16)

@spacedmonkey
6 years ago

#1 @spacedmonkey
6 years ago

For a bit more detail, this notice error is generated when an invalid or empty query is passed to the get_col. It is kind of edge case but not to replicate.

The issue, is because get_row can return a last_result as null.
There are two fixes for this, either we change get_row, so it returns an empty array on failure. But this could be a breaking change as it changes functionality.

I have patched a patch for a much similar solution, that doesn't even require is_countable to be called.

@spacedmonkey
6 years ago

#2 @spacedmonkey
6 years ago

While reviewing this bug, I found a second place, where last_result being null would be an issue.

See attached 45299-bug1.diff which is a simple fix. It might have to go in another ticket.

#3 @dd32
6 years ago

  • Component changed from Query to Database
  • Keywords has-patch needs-testing added; needs-patch removed

A visual review of the diffs looks good, marking as has-patch, needs-testing.

  • 45299-bug1.diff matches the check used next block down for ARRAY_*.
  • 45299.diff get_col() differs from the rest of the get_*() methods (which return null in this case) and always returns an array, so this also seems like a sane change.
Last edited 6 years ago by dd32 (previous) (diff)

#4 @desrosj
6 years ago

Related: #43583, #44123.

@desrosj
6 years ago

#5 @desrosj
6 years ago

45299.2.diff is a patch that combines the two changes and applies to the 5.0 branch.

Also, set up a test build on Travis. The changes are not causing any test failures, but I doubt there are tests that would trigger this specific edge case.

This ticket was mentioned in Slack in #core by spacedmonkey. View the logs.
6 years ago

@desrosj
6 years ago

Add some unit tests.

#7 @desrosj
6 years ago

  • Keywords has-unit-tests added; needs-testing removed

#8 @pento
6 years ago

In 43934:

WPDB: Check that $wpdb->last_result is countable before counting with it.

wpdb::get_col() iterates over $wpdb->last_result, which can be a non-countable value, should the preceeding query have failed.

Props spacedmonkey, desrosj.
See #45299.

#9 @pento
6 years ago

  • Keywords fixed-5.0 added

#10 @desrosj
6 years ago

45299.3.diff applies cleanly to the 4.9 branch, if backporting is necessary (more details here).

#11 @desrosj
6 years ago

In 44272:

WPDB: Check that $wpdb->last_result is countable before counting with it.

wpdb::get_col() iterates over $wpdb->last_result, which can be a non-countable value, should the preceding query have failed.

Props spacedmonkey, desrosj, pento.

Merges [43934] into trunk.

See #45299.

#12 @SergeyBiryukov
6 years ago

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.