[wp-trac] [WordPress Trac] #39338: class-wp-hook.php - apply_filters() infinite loop

WordPress Trac noreply at wordpress.org
Mon Jan 21 00:33:51 UTC 2019


#39338: class-wp-hook.php - apply_filters() infinite loop
--------------------------+-----------------------------
 Reporter:  frettled      |       Owner:  (none)
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Future Release
Component:  Plugins       |     Version:  4.7
 Severity:  critical      |  Resolution:
 Keywords:  has-patch     |     Focuses:
--------------------------+-----------------------------

Comment (by trongn):

 Replying to [comment:51 frettled]:
 > Replying to [comment:45 dd32]:
 >
 > > (edit: Strange observation: This shouldn't be possible to trigger on
 > > PHP 5.2, as `next()` will return `false` on the invalid inputs there, and
 > > exit the loop)
 >
 > No, that's not how next() works in PHP.
 >
 > Here's a very simple test for you:
 >
 > {{{#!php
 > <?php
 > $var = NULL;
 > $n = 0;
 > while ($n < 10 && false !== next($var)) {
 >     $n++;
 >     echo $n;
 > }
 > }}}
 >
 > This produces an infinite loop in PHP 5.x and 7.x, only by the kindness
 > of the check for $n, your screen's scrollback won't fill infinitely.
 >
 > My patch works. If it breaks something that you avoid an infinite loop
 > instead of having a log-filling, CPU-gobbling infinite loop, that's
 > **perfectly fine**. It's better that the code crashes.
 >
 > If WordPress has some sort of error handler that can be invoked in the
 > case that the "impossible" (yet prevalent) NULL condition occurs, invoking
 > it at that time seems like a good idea.

 Hi,

 I tried to apply your fix; however, the infinite loop still came back with
 a slightly different error:
 PHP Warning:  next() expects parameter 1 to be array, boolean given, ...
 PHP Warning:  current() expects parameter 1 to be array, ...

 So I have modified the fix to use is_array instead of !is_null and it
 covers both NULL and boolean issues. I have 2 different versions of
 WordPress to manage and there are different PHP files to modify based on
 error details:

 - WordPress v4.9.9 (recent version, and fix all similar while loops)
 Fix class-wp-hook.php in wp-includes folder (fix all similar while loops)
 } while ( is_array( $this->iterations[ $nesting_level ] ) && false !== next( $this->iterations[ $nesting_level ] ) );

 - WordPress v4.6.1
 Fix plugin.php in wp-includes folder (fix all similar while loops)
 } while ( is_array( $wp_filter[ $tag ] ) && next( $wp_filter[ $tag ] ) !== false );

 I hope this will help someone. Cheers

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/39338#comment:52>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
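
The two loop conditions discussed in this comment, run side by side on constructed inputs. This is an added example, not code from the ticket or from WordPress core; `count_passes` and `MAX_PASSES` are hypothetical names. On PHP 5.x and 7.x the unguarded condition runs into the cap for `null` and `false`, while the `is_array()` guard leaves the loop after one pass.

```php
<?php
// Added example, not WordPress core code. Inputs below are constructed.
const MAX_PASSES = 10; // safety cap so the unguarded loop stops in this demo

/**
 * Run a do/while loop shaped like the ones in the ticket over $iterations.
 * Returns the number of passes, MAX_PASSES if the cap was hit (the loop
 * would otherwise never end), or -1 if next() threw a TypeError.
 */
function count_passes($iterations, $guarded)
{
    $passes = 0;
    do {
        if (++$passes >= MAX_PASSES) {
            return MAX_PASSES;
        }
        try {
            // "@" hides the "expects parameter 1 to be array" warning that
            // floods the log in the real failure.
            $more = $guarded
                ? (is_array($iterations) && false !== @next($iterations))
                : (false !== @next($iterations));
        } catch (\TypeError $e) {
            return -1; // PHP 8+: next() rejects non-arrays by throwing
        }
    } while ($more);

    return $passes;
}

$cases = array(
    'priority list' => array(10, 20, 30),
    'null'          => null,
    'false'         => false,
);

foreach ($cases as $label => $input) {
    printf(
        "%-14s unguarded=%2d guarded=%2d\n",
        $label,
        count_passes($input, false),
        count_passes($input, true)
    );
}
```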

