Opened 13 months ago
#59705 new defect (bug)
get_metadata_raw() will return false when unserialize() fails
Reported by: | igorsch | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 5.8 |
Component: | Options, Meta APIs | Keywords: | |
Focuses: | Cc: |
Description
The return value of get_metadata_raw() is documented as follows:
- False for an invalid
$object_id
(non-numeric, zero, or negative value),- or if
$meta_type
is not specified.
Source: https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/meta.php#L596:L597
However, if your metadata contains serialized data that is incorrect for some reason, maybe_unserialize() will (also) return false
.
Source: https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/meta.php#L661
E.g. a:2:{s:3:"foo";b:1;}
is invalid due to it expecting 2 entries, but only 1 is present.
History check; It seems to have been made a lot more precise (but missing this minor case):
Note: See
TracTickets for help on using
tickets.