WordPress.org

Make WordPress Core

Opened 6 months ago

Closed 6 months ago

Last modified 5 weeks ago

#47441 closed defect (bug) (fixed)

WP_Ajax_Upgrader_Skin Bug: "unique" error code is always 1

Reported by: jrf Owned by: SergeyBiryukov
Milestone: 5.3 Priority: normal
Severity: normal Version: 4.6
Component: Upgrade/Install Keywords: has-patch php74 has-dev-note
Focuses: Cc:
PR Number:

Description

The concatenation and plus/minus signs in PHP have the same operator precedence.

With that in mind, have a look at the following code in wp-admin/includes/class-wp-ajax-upgrader-skin.php:

<?php
// Count existing errors to generate an unique error code.
$errors_count = count( $this->errors->get_error_codes() );
$this->errors->add( 'unknown_upgrade_error_' . $errors_count + 1, $string );

The "unique" error code, will basically always be 1 as the concatenation is done first, the resulting string which doesn't start with a number is then cast to an integer - 0 - before the addition of 1 is done and 0 + 1 will always be 1.

See: https://3v4l.org/EYuU8

While this is a bug in its own right as is, as of PHP 8.0, the operator precedence of concatenation will be lowered, with deprecation notices being thrown as of PHP 7.4 for unparenthesized expressions containing an '.' before a '+' or '-'.

Also see:

Attachments (1)

47441.patch (1.2 KB) - added by jrf 6 months ago.

Download all attachments as: .zip

Change History (6)

@jrf
6 months ago

#1 @SergeyBiryukov
6 months ago

  • Milestone changed from Awaiting Review to 5.3
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

#2 @jrf
6 months ago

Note: this is the only code within WordPress which is affected by this PHP 7.4/8.0 change based on an analysis done by Nikita Popov of PHP core before this change was implemented.
See:

FYI: there will soon be a sniff available in PHPCompatibility to detect code affected by this change so userland code/plugins/themes can verify whether they are affected.

#3 @SergeyBiryukov
6 months ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 45487:

Upgrade/Install: Correct operator precedence for an error code in WP_Ajax_Upgrader_Skin::error().

Props jrf.
Fixes #47441.

#4 @jrf
4 months ago

  • Keywords php74 added
Note: See TracTickets for help on using tickets.