[wp-trac] [WordPress Trac] #39338: class-wp-hook.php - apply_filters() infinite loop
WordPress Trac
noreply at wordpress.org
Mon Jan 21 00:33:51 UTC 2019
#39338: class-wp-hook.php - apply_filters() infinite loop
--------------------------+-----------------------------
Reporter: frettled | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Plugins | Version: 4.7
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
--------------------------+-----------------------------
Comment (by trongn):
Replying to [comment:51 frettled]:
> Replying to [comment:45 dd32]:
>
> > (edit: Strange observation: This shouldn't be possible to trigger on
PHP 5.2, as `next()` will return `false` on the invalid inputs there, and
exit the loop)
>
> No, that's not how next() works in PHP.
>
> Here's a very simple test for you:
>
> {{{#!php
> <?php
> $var = NULL;
> $n = 0;
> while ($n < 10 && false !== next($var)) {
> $n++;
> echo $n;
> }
> }}}
>
> This produces an infinite loop in PHP 5.x and 7.x, only by the kindness
of the check for $n, your screen's scrollback won't fill infinitely.
>
> My patch works. If it breaks something that you avoid an infinite loop
instead of having a log-filling, CPU-gobbling infinite loop, that's
**perfectly fine**. It's better that the code crashes.
>
> If Wordpress has some sort of error handler that can be invoked in the
case that the "impossible" (yet prevalent) NULL condition occurs, invoking
it at that time seems like a good idea.
Hi,
I tried to apply your fix however the infinitive loop still came back with
a slightly different error:
PHP Warning: next() expects parameter 1 to be array, boolean given, ...
PHP Warning: current() expects parameter 1 to be array, ...
So i have modified the fix to use is_array instead of !is_null and it
covers both NULL and boolean issues. I have 2 different versions of
Wordpress to manage and there are different php files to modify based on
error details:
- Wordpress v4.9.9 (recent version, and fix all similar while loops)
Fix class-wp-hook.php in wp-includes folder (fix all similar while loops)
} while ( is_array( $this->iterations[ $nesting_level ] ) && false !==
next( $this->iterations[ $nesting_level ] ) );
- Wordpress v4.6.1
Fix plugin.php in wp-includes folder (fix all similar while loops)
} while (is_array($wp_filter[$tag]) && next($wp_filter[$tag]) !== false );
I hope this will help someone. Cheers
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39338#comment:52>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list