[wp-trac] [WordPress Trac] #29557: PHP ≤ 5.4.8 Crashes on '[' Character in Posts
WordPress Trac
noreply at wordpress.org
Wed Sep 24 22:47:47 UTC 2014
#29557: PHP ≤ 5.4.8 Crashes on '[' Character in Posts
------------------------------------------------------+--------------------
Reporter: MrBobDobolina | Owner:
Type: defect (bug) | Status: new
Priority: highest omg bbq | Milestone: 4.0.1
Component: Formatting | Version: 4.0
Severity: blocker | Resolution:
Keywords: wptexturize has-patch commit fixed-major | Focuses:
------------------------------------------------------+--------------------
Comment (by miqrogroove):
Per IRC discussion, we will not be able to resolve the crash by breaking
non-registered shortcodes. :(
In miqro-29557.6.patch:
* Revert parts of miqro-29557.5.patch.
* Revert [28773] and remove 'attribute filter' from [28727].
* Make the shortcode pattern quantifier possessive to avoid backtracks.
* Security regression: HTML filter avoidance may be possible again per
#12690.
* Does not break unregistered shortcodes.
* Does not break HTML comments or performance gains from 4.0.
* Tested PHP 5.2.4, 5.2.13, 5.4.32, and 5.5.8.
* No crashes or large backtrack counts found in any version.
* Unit tests updated to show new outputs.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29557#comment:67>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list