WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 5 years ago

#8054 closed defect (bug) (worksforme)

Incorrect string value for column 'comment_content'

Reported by: juergen Owned by: ryan
Milestone: Priority: low
Severity: minor Version: 2.6.1
Component: Security Keywords: reporter-feedback
Focuses: Cc:

Description

I know it's just a spam comment that got lost but it's still an error:

Nov  4 00:31:54 server apache2: WordPress database error Incorrect string value: '\xDD\xF2\xEE \xE2\xF1...' for column 'comment_content' at row 1 for query INSERT INTO wp_comments ^I(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type, comment_parent, user_id) ^IVALUES (36, 'Diminco2', 'irka_coooool@mail.ru', 'http://mirtesen.ru/n/1600401229', '92.114.168.113', '2008-11-04 00:31:54', '2008-11-0

Change History (3)

comment:1 Denis-de-Bernardy5 years ago

  • Component changed from Comments to Security
  • Keywords dev-feedback added
  • Owner set to ryan

possibly of interest to the security department

comment:2 Denis-de-Bernardy5 years ago

  • Milestone changed from 2.8 to Future Release
  • Priority changed from normal to low
  • Severity changed from normal to minor

It's probably related to erroneous or insufficient string sanitization. someone would have sought to insert a binary string into a TEXT field. It's minor, however, since the DB catches it.

comment:3 Denis-de-Bernardy5 years ago

  • Keywords reporter-feedback added; dev-feedback removed
  • Milestone Future Release deleted
  • Resolution set to worksforme
  • Status changed from new to closed

closing from lack of a working test case

Note: See TracTickets for help on using tickets.