[wp-trac] [WordPress Trac] #11175: wp_check_invalid_utf8() should drop invalid utf-8 chars only instead of truncating string
WordPress Trac
wp-trac at lists.automattic.com
Fri Nov 20 02:40:23 UTC 2009
#11175: wp_check_invalid_utf8() should drop invalid utf-8 chars only instead of
truncating string
--------------------------+-------------------------------------------------
Reporter: sirzooro | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.9
Component: General | Version: 2.9
Severity: normal | Keywords: has-patch needs-testing
--------------------------+-------------------------------------------------
Comment(by miqrogroove):
When testing, please ensure this function never removes byte values less
than 128. A situation where the function sees a 2-byte marker and then
underflows, deletes two bytes and returns the results, would lead to code
injection problems.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11175#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list