Make WordPress Core

Opened 5 years ago

Closed 3 weeks ago

#52178 closed defect (bug) (worksforme)

Allowed memory size exhausted / url creates new post entry?

Reported by: sgatz's profile sgatz Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.6
Component: Posts, Post Types Keywords: reporter-feedback
Focuses: Cc:

Description

We get repeated bots (across multiple WP sites) hitting a specific URL pattern, they append a query string onto the end of a wordpress URL like this:

https://www.example.com/permalink-to-article?q=user%2Fpassword&name%5B%23markup%5D=id&name%5B%23type%5D=markup&name%5B%23post_render%5D%5B%5D=passthru

This causes a memory exhausted error here:
/wp/wp-includes/post.php at line 773:

} elseif ( is_object( $post ) ) {
		if ( empty( $post->filter ) ) {
			$_post = sanitize_post( $post, 'raw' );
			$_post = new WP_Post( $_post );    ##<--- HERE
		} elseif ( 'raw' === $post->filter ) {
			$_post = new WP_Post( $post );
		} else {


Change History (4)

#1 @SergeyBiryukov
5 years ago

  • Component changed from General to Posts, Post Types

This ticket was mentioned in Slack in #core by lukecarbis. View the logs.


5 years ago

#3 @noisysocks
5 years ago

  • Keywords reporter-feedback added

Hi @sgatz! Does this happen when all plugins are deactivated and a default theme is used? I'm unable to recreate the error when I append that query string to a post permalink.

#4 @mindctrl
3 weeks ago

  • Resolution set to worksforme
  • Status changed from new to closed

Hi @sgatz, I'm also unable to reproduce this bug. Due to the inability to reproduce, the lack of more reports, and the amount of time that has passed, I'm going to close this ticket to help clean up the backlog in Trac.

If you are still experiencing this, feel free to reopen with a set of instructions on how to reproduce the error and we can dig into it.

Note: See TracTickets for help on using tickets.