[wp-trac] [WordPress Trac] #22072: get_adjacent_post_rel_link() Can poison the post cache
WordPress Trac
wp-trac at lists.automattic.com
Mon Oct 1 21:46:34 UTC 2012
#22072: get_adjacent_post_rel_link() Can poison the post cache
-----------------------------+--------------------------
Reporter: mdawaffe | Type: defect (bug)
Status: new | Priority: normal
Milestone: Awaiting Review | Component: Cache
Version: 3.4 | Severity: normal
Keywords: has-patch |
-----------------------------+--------------------------
{{{get_adjacent_post_rel_link()}}} does:
{{{
if ( empty($post->post_title) )
$post->post_title = $previous ? __('Previous Post') : __('Next Post');
...
$title = apply_filters('the_title', $title, $post->ID);
...
$link .= "' href='" . get_permalink($post) . "' />\n";
}}}
If the post cache gets cleared during {{{the_title}}} filter (or any of
the several other hooks that are run but are not shown above), the
modified {{{$post}}} object will be cached as modified during
{{{get_permalink()}}}'s call to {{{get_post()}}}.
This can only happen in WordPress <= 3.4. In WordPress 3.5,
{{{get_post()}}} has been rewritten in such a way this cache poisoning is
no longer possible. I think this fix was at least in part accidental,
though, and probably not very robust.
We shouldn't be setting {{{$post->post_title}}}. We should set an
intermediary variable instead.
Patch and simple test script (not a unit test) attached.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22072>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list