#56558 closed defect (bug) (fixed)
Fatal Error caused by Uncaught TypeError: trim(): Argument #1 ($string) must be of type string, array given in /www/example_website/public/wp-includes/class-wp-query.php:803
Reported by: | rlmc | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 6.4 | Priority: | normal |
Severity: | minor | Version: | 1.5 |
Component: | Query | Keywords: | needs-testing has-patch needs-testing-info |
Focuses: | Cc: |
Description (last modified by )
I found this in my error.log file on my web server. If I paste the same url onto my website, it does indeed cause a fatal error. Here is the full entry from the error.log file...the only change I made is to disguise my website as example.com:
2022/09/11 01:49:53 [error] 90419#90419: *4359495 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught TypeError: trim(): Argument #1 ($string) must be of type string, array given in /www/example_website/public/wp-includes/class-wp-query.php:803 Stack trace: #0 /www/example_website/public/wp-includes/class-wp-query.php(803): trim(Array) #1 /www/example_website/public/wp-includes/class-wp-query.php(1792): WP_Query->parse_query() #2 /www/example_website/public/wp-includes/class-wp-query.php(3586): WP_Query->get_posts() #3 /www/example_website/public/wp-includes/class-wp.php(648): WP_Query->query(Array) #4 /www/example_website/public/wp-includes/class-wp.php(775): WP->query_posts() #5 /www/example_website/public/wp-includes/functions.php(1330): WP->main('') #6 /www/example_website/public/wp-blog-header.php(16): wp() #7 /www/example_website/public/index.php(17): require('/www/example...') #8 {main} thrown in /www/examplewebsite" while reading response header from upstream, client: 82.199.155.149, server: www.example.com, request: "POST /example_page?q=user%2Fpassword&name%5B%23post_render%5D%5B%5D=passthru&name%5B%23type%5D=markup&name%5B%23markup%5D=id HTTP/1.1", upstream: "fastcgi://unix:/var/run/php8.0-fpm-examplewebsitehhub.sock:", host: "www.example.com:61359"
Change History (21)
#3
@
16 months ago
- Description modified (diff)
- Keywords needs-patch added
- Milestone changed from Awaiting Review to 6.4
#4
@
16 months ago
- Keywords needs-testing has-patch added; needs-patch removed
Thanks for pointing me to the PR which fixes the original portion of this ticket @SergeyBiryukov!
I have created a PR over at GitHub to fix the $page
portion, this is my first time doing a PR in GitHub instead of via SVN so let me know if I did it right.
This ticket was mentioned in PR #4920 on WordPress/wordpress-develop by BrookeDot.
15 months ago
#5
This PR builds on the work completed with the closure of Trac-17737
It ensures that the value of $page in a query is scalar prior to attempting to trim or assign it to an absint avoiding a fatal error if an array is passed.
Fixes: (comment 2)
Trac ticket:https://core.trac.wordpress.org/ticket/56558
Edit: update first Trac link as the PR was associated with the wrong trac ticket.
@SergeyBiryukov commented on PR #4920:
15 months ago
#7
Thanks for the PR! Left a minor comment, looks good to me otherwise 🙂
BrookeDot commented on PR #4920:
15 months ago
#8
Thanks for the PR! Left a minor comment, looks good to me otherwise 🙂
Yep, I did briefly think about that ;)
This ticket was mentioned in Slack in #core by nicolefurlan. View the logs.
13 months ago
This ticket was mentioned in Slack in #core by oglekler. View the logs.
13 months ago
@mukesh27 commented on PR #4920:
13 months ago
#13
@BrookeDot Could you please rebase your PR?
BrookeDot commented on PR #4920:
13 months ago
#14
Could you please rebase your PR?
@mukeshpanchal27 against trunk right?
@mukesh27 commented on PR #4920:
13 months ago
#15
Yes
BrookeDot commented on PR #4920:
13 months ago
#16
I think I did it @mukeshpanchal27 I see the tests are running now.
Let me know, I'm new to contributing via GitHub :D
BrookeDot commented on PR #4920:
13 months ago
#17
Looks like one test failed, unrelated to the PR. Can you run it again?
@mukesh27 commented on PR #4920:
13 months ago
#18
Thanks @BrookeDot, For the https://github.com/WordPress/wordpress-develop/pull/4920#discussion_r1346856772 i would like to get @SergeyBiryukov thought.
@SergeyBiryukov commented on PR #4920:
13 months ago
#21
Thanks for the PR! Merged in r56815.
This recently came up in
wp-includes/class-wp-query.php:1973
on a site I was working on. As the site was running WordPress 6.1, I am linking to the same line in 6.2 but the line number has changedhttps://github.com/WordPress/wordpress-develop/blob/6.2/src/wp-includes/class-wp-query.php#L2011-L2014
The URL passed looks like this:
www.example.com.com/tags/the-tage/?page[%24eq]=1
In this case, some bad actor seems to be trying to brute-force the URL. It appears the solution may be to add some additional validation on the
page
query to return if anything but a string on thetrim
.Looking at the original report though, it seems there may be several places where adjustments need to be made.
Thoughts?