[wp-trac] [WordPress Trac] #59712: `WP_Ugrader` doesn't check source and destination variable types, is missing a string.
WordPress Trac
noreply at wordpress.org
Thu Apr 11 22:47:15 UTC 2024
#59712: `WP_Ugrader` doesn't check source and destination variable types, is
missing a string.
-------------------------------------------------+-------------------------
Reporter: peterwilsoncc | Owner:
| peterwilsoncc
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 6.6
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests needs- | Focuses:
testing |
-------------------------------------------------+-------------------------
Comment (by afragen):
@peterwilsoncc that looks like it should cover the edge case above but it
also looks like it could pass along empty strings. Does it work with the
tests?
Maybe
{{{#!php
<?php
if (
( ! is_string( $source ) || '' === trim( $source ) || $source !==
trim( $source ) ||
( ! is_string( $destination ) || '' === trim( $destination ) ||
$source !== trim( $destination )
) {
}}}
Again, not sure that this isn't overkill as `$source` and `$destination`
shouldn't really have leading or trailing spaces, but there are enough
filters that may allow for this.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59712#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list