[wp-trac] [WordPress Trac] #40552: Calling wp_parse_args() early, with $args as empty string, may cause fatal error

WordPress Trac noreply at wordpress.org
Mon Apr 24 15:41:29 UTC 2017


#40552: Calling wp_parse_args() early, with $args as empty string, may cause fatal
error
-----------------------------+-----------------------------
 Reporter:  johnjamesjacoby  |      Owner:
     Type:  defect (bug)     |     Status:  new
 Priority:  normal           |  Milestone:  Awaiting Review
Component:  Formatting       |    Version:
 Severity:  normal           |   Keywords:
  Focuses:                   |
-----------------------------+-----------------------------
 When running the unit test suite while working on #31245, I ran into an
 edge-case fatal error:

 {{{
 Fatal error: Uncaught Error: Call to undefined function wp_parse_str() in
 /srv/www/wordpress-develop/public_html/src/wp-includes/functions.php on
 line 3487

 Error: Call to undefined function wp_parse_str() in /srv/www/wordpress-
 develop/public_html/src/wp-includes/functions.php on line 3487
 }}}

 Anytime between `functions.php` being loaded and `formatting.php` being
 loaded, calling `wp_parse_args()` with an empty string as the first
 parameter will trigger it, and I was doing this in the
 `wp_load_alloptions()` stack with my test code.

 It happens because `wp_parse_args()` calls `wp_parse_str()` when `$args`
 is an empty string, and because `formatting.php` is loaded well after
 `functions.php`, the above fatal happens.

 ----

 It's not a bug in core today, but it could be a problem later.

 In my research, one place of relatively high risk is `register_setting()`.
 You'd need to pass an empty string as the third parameter, and it would
 need to be early in the stack, but it calls `wp_parse_args()` and is in
 `functions.php`.

 ----

 One potential solution is to move `wp_parse_str()` out of `formatting.php`
 and into `functions.php`, alongside it's other `wp_parse_` siblings.
 Another would be to load `formatting.php` sooner.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/40552>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list