Opened 5 months ago
Last modified 9 days ago
#58798 new defect (bug)
Fix possible PHP warning in /wp-includes/feed.php
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | 6.2.2 |
| Component: | Feeds | Keywords: | needs-patch |
| Focuses: | Cc: |
Description
If some plugins or themes use "enclosure" meta field as a one-line string, it results in PHP warnings:
PHP Warning: Undefined array key 2 in /wp-includes/feed.php on line 484
PHP Warning: Undefined array key 1 in /wp-includes/feed.php on line 494
It happens because there is no check of string content there:
foreach ( (array) get_post_custom() as $key => $val ) {
if ( 'enclosure' === $key && is_array( $val ) ) {
foreach ( (array) $val as $enc ) {
$enclosure = explode( "\n", $enc );
/ Only get the first element, e.g. 'audio/mpeg' from 'audio/mpeg mpga mp2 mp3'.
$t = preg_split( '/[ \t]/', trim( $enclosure[2] ) );
$type = $t[0];
/**
* Filters the RSS enclosure HTML link tag for the current post.
*
* @since 2.2.0
*
* @param string $html_link_tag The HTML link tag with a URI and other attributes.
*/
echo apply_filters( 'rss_enclosure', '<enclosure url="' . esc_url( trim( $enclosure[0] ) ) . '" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( $type ) . '" />' . "\n" );
}
}
}
Proposal:
Add checks if the enclosure is an array, and each item can be exploded into exactly 3 items:
if ( 'enclosure' === $key && is_array( $val ) ) {}
And this:
$enclosure = explode( "\n", $enc );
if ( 3 !== count( $enclosure ) ) {
continue;
}
Attachments (1)
Change History (3)
Note: See
TracTickets for help on using
tickets.
Patch added