[wp-trac] [WordPress Trac] #12284: I/O Sanity Failures With Invalid HTML Entity References
WordPress Trac
wp-trac at lists.automattic.com
Thu Feb 25 14:16:38 UTC 2010
#12284: I/O Sanity Failures With Invalid HTML Entity References
-----------------------------+----------------------------------------------
Reporter: miqrogroove | Owner: ryan
Type: defect (bug) | Status: new
Priority: highest omg bbq | Milestone: 3.0
Component: Security | Version:
Severity: blocker | Keywords: has-patch
-----------------------------+----------------------------------------------
Comment(by miqrogroove):
The only oddball we're left with is the " type of replacement in
wp_special_chars_decode(), which runs before normalize_entities.
/facepalm Worst case scenario, we can hit the decimal version with
{{{
str_pad(ltrim($i,'0'), 3, '0', STR_PAD_LEFT);
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12284#comment:15>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list