[wp-trac] [WordPress Trac] #9549: WP should catch serialization
errors in options and meta fields
WordPress Trac
wp-trac at lists.automattic.com
Thu Apr 16 19:06:34 GMT 2009
#9549: WP should catch serialization errors in options and meta fields
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: anonymous
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8
Component: General | Version: 2.8
Severity: normal | Keywords:
-------------------------------+--------------------------------------------
Related to: #8804 and #6532.
One some servers, with some configs, you occasionally get serialized data
with an erroneous strlen(). It's clearly php related, but it does break
sites.
The bug has to do with the fact that the string length function that is
internally used by serialize() doesn't like utf8 much. You get erroneous
string length values -- even when strlen() returns the correct value, and
even when you overload the strlen() function. This makes it borderline
impossible to reproduce on an english site, but it definitely occurs out
in the wild.
Anyway, the end result is a corrupt array that is then passed into WP as a
string. On occasion, this leads to fatal errors. (see the above two bugs.)
I've mostly seen this happen with text widgets or equivalent; more rarely
with post meta fields and the like. It seems to me that this could be
corrected by returning a straight false when unserialization fails, as is
done in the attached patch.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/9549>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list