[wp-trac] [WordPress Trac] #39945: WP_Query::get_posts fails to correctly sanitize 'posts_per_page'
WordPress Trac
noreply at wordpress.org
Tue Feb 28 03:40:40 UTC 2017
#39945: WP_Query::get_posts fails to correctly sanitize 'posts_per_page'
-------------------------------------------------+-------------------------
Reporter:  biisent                                | Owner:
Type:      defect (bug)                           | Status:     new
Priority:  normal                                 | Milestone:  Awaiting Review
Component: Query                                  | Version:    4.7.2
Severity:  normal                                 | Resolution:
Keywords:  has-patch needs-testing 2nd-opinion    | Focuses:
-------------------------------------------------+-------------------------
Changes (by asalce):
* keywords: => has-patch needs-testing 2nd-opinion
Comment:
@biisent looks like the bigger issue is that posts_per_page is allowed to
have a negative value... BUT that check was happening before any
sanitization was done on the variable. It also looks like the negative
value is used when the user wants to query ALL posts. This patch I
submitted will still cause unwanted behaviour for WooCommerce. They
should also do some sanitization on their end before passing it to
get_posts/WP_Query.
PS. I also modified the check to look for anything less than or equal to
-1. So a -2 value will also retrieve all posts. Not sure if that was the
correct thing to do, but better safe than sorry. Maybe a hard error should
be thrown instead of allowing negative values to continue on after line
1790.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39945#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
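As an added illustration of the ordering point in the comment above (this is not WordPress core code and not asalce's patch; the helper names are assumed), the two orderings side by side: sign check before the integer cast versus cast before the check, with "anything <= -1 means all posts" as the comment proposes:

```php
<?php
// Added example, not WordPress code. Shows why the order of the
// negative-value check and the integer cast matters for posts_per_page.

// Check first, cast afterwards: the sign test sees the raw value and
// PHP's type juggling decides what "< 0" means for a string.
function check_then_cast($raw) {
    $all_posts = $raw < 0;          // comparison on the unsanitized value
    $per_page  = (int) $raw;        // sanitization only happens after the check
    return ['all' => $all_posts, 'per_page' => $per_page];
}

// Cast first, check afterwards: the sign test sees the sanitized integer,
// and anything <= -1 is treated as "all posts" (the comment's proposal).
function cast_then_check($raw) {
    $per_page  = (int) $raw;
    $all_posts = $per_page <= -1;
    return ['all' => $all_posts, 'per_page' => $per_page];
}

// Constructed inputs. '-0.5' is the interesting one: the raw comparison
// says "negative, fetch all", while the sanitized integer is 0, so the two
// orderings disagree about what the query should do.
foreach (['10', '-1', '-2', '-0.5', 'abc'] as $raw) {
    $a = check_then_cast($raw);
    $b = cast_then_check($raw);
    printf("%-7s check-then-cast: all=%-3s  cast-then-check: all=%-3s per_page=%d\n",
        var_export($raw, true),
        $a['all'] ? 'yes' : 'no',
        $b['all'] ? 'yes' : 'no',
        $b['per_page']);
}
```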