Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 5 years ago

#47441 closed defect (bug) (fixed)

WP_Ajax_Upgrader_Skin Bug: "unique" error code is always 1

Reported by: jrf's profile jrf Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: 5.3 Priority: normal
Severity: normal Version: 4.6
Component: Upgrade/Install Keywords: has-patch php74 has-dev-note
Focuses: Cc:

Description

The concatenation and plus/minus signs in PHP have the same operator precedence.

With that in mind, have a look at the following code in wp-admin/includes/class-wp-ajax-upgrader-skin.php:

<?php
// Count existing errors to generate an unique error code.
$errors_count = count( $this->errors->get_error_codes() );
$this->errors->add( 'unknown_upgrade_error_' . $errors_count + 1, $string );

The "unique" error code, will basically always be 1 as the concatenation is done first, the resulting string which doesn't start with a number is then cast to an integer - 0 - before the addition of 1 is done and 0 + 1 will always be 1.

See: https://3v4l.org/EYuU8

While this is a bug in its own right as is, as of PHP 8.0, the operator precedence of concatenation will be lowered, with deprecation notices being thrown as of PHP 7.4 for unparenthesized expressions containing an '.' before a '+' or '-'.

Also see:

Attachments (1)

47441.patch (1.2 KB) - added by jrf 6 years ago.

Download all attachments as: .zip

Change History (6)

@jrf
6 years ago

#1 @SergeyBiryukov
6 years ago

  • Milestone changed from Awaiting Review to 5.3
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

#2 @jrf
6 years ago

Note: this is the only code within WordPress which is affected by this PHP 7.4/8.0 change based on an analysis done by Nikita Popov of PHP core before this change was implemented.
See:

FYI: there will soon be a sniff available in PHPCompatibility to detect code affected by this change so userland code/plugins/themes can verify whether they are affected.

#3 @SergeyBiryukov
6 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 45487:

Upgrade/Install: Correct operator precedence for an error code in WP_Ajax_Upgrader_Skin::error().

Props jrf.
Fixes #47441.

#4 @jrf
5 years ago

  • Keywords php74 added
Note: See TracTickets for help on using tickets.