[wp-trac] [WordPress Trac] #25061: Plugin/Theme/Core Updates Fail When Curl Used and String Function Overloading Configured

WordPress Trac noreply at wordpress.org
Sun Aug 18 12:13:48 UTC 2013


#25061: Plugin/Theme/Core Updates Fail When Curl Used and String Function
Overloading Configured
--------------------------+---------------------
 Reporter:  DrProtocols   |       Owner:
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:  3.6.1
Component:  HTTP          |     Version:  3.6
 Severity:  major         |  Resolution:  fixed
 Keywords:                |
--------------------------+---------------------

Comment (by DrProtocols):

 Thanks guys.

 Just a note on http headers - technically speaking, according to RFC2616
 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2) for
 HTTP/1.1 (but same applies to HTTP/1.0) arbitrary 8-bit  data can appear
 in specific types of header fields as comment text (Server, User-Agent and
 Via being the "standard" headers where comment is allowed). But in
 general, although IANA maintains a Message Headers registry for permanent
 and provisional headers there is nothing that stops anything being added
 as a header provided it obeys the header syntax - if the recipient doesn't
 recognize the header it should simply ignore it - so any arbitrary header
 that might contain 8 bit data _could_ be present.

 Whether this happens in practice I can't say but it is possible. If the
 stream_headers() function has been around for a while and no issue has
 arisen there then either this hasn't arisen at all or the value actually
 returned by strlen() doesn't have any material impact on the operation of
 Curl.

--
Ticket URL: <http://core.trac.wordpress.org/ticket/25061#comment:11>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list