Opened 6 months ago
#58619 new defect (bug)
absint() causes unexpected behavior for metadata functions which use get_metadata_raw()
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Options, Meta APIs | Keywords: | |
| Focuses: | Cc: |
Description
I discovered this behavior when testing on WordPress version 5.6 and observed the logic flaw in the current code documentation.
In my instance, I have a function that is expected to retrieve a user ID and returns -1 as an error case. This can then end up being used with WordPress's get_user_meta() which eventually uses get_metadata_raw(). The use of absint() on the $object_id within this function causes unexpected behavior as my -1, an invalid object ID, is now interpreted as 1, a valid object ID.
I was expecting WordPress to treat the object ID as invalid if it was so, but it instead changed the value of my provided argument.
The offending code is here: https://core.trac.wordpress.org/browser/tags/6.2/src/wp-includes/meta.php#L603
Please let me know if I'm misunderstanding the purpose of absint() within this function, but it seems like a sneaky rug pull gotcha. I believe the validation on L599 which includes ! is_numeric( $object_id ) should also include || $object_id < 0 to resolve this issue, as well as change L603 to use intval().