[wp-trac] [WordPress Trac] #32135: wp_tempnam() recursive broken code

WordPress Trac noreply at wordpress.org
Tue Apr 28 11:46:03 UTC 2015


#32135: wp_tempnam() recursive broken code
-----------------------------+--------------------
 Reporter:  cloudware        |       Owner:
     Type:  defect (bug)     |      Status:  new
 Priority:  normal           |   Milestone:  4.2.2
Component:  Upgrade/Install  |     Version:  4.2
 Severity:  major            |  Resolution:
 Keywords:                   |     Focuses:
-----------------------------+--------------------

Comment (by taka2):

 This problem is very serious because it also affects WordPress
 self-updating, not only plugin/theme updating.

 WordPress's "wp_tempnam" function does not anticipate that the argument
 $filename is the root directory and has no basename.
 If $filename has no basename (extension only), wp_tempnam is called
 recursively to generate a temp name based on the parent directory of
 $filename,
 but the parent of the root directory ("/") is also root ("/"), so it causes
 infinite recursive calls.

 Therefore, this problem occurs under the following conditions:
 - Updating via FTP (ftpsock or ftpext).
 - WordPress is installed at the root directory of the FTP server (using a
   chrooted account).

 In this case, the WordPress updater calls the function
 wp_tempnam('/.maintenance'), so it falls into an infinite loop.
 If WordPress is installed in a subdirectory of the FTP home, or if updating
 via ssh or direct, this problem will not occur.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/32135#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
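
The recursion described in the comment above, as an added example that is not part of the original message and is not WordPress core code: a simplified PHP model of the name derivation, shown unguarded and with a guard that stops when dirname() returns its own input. The function names, the depth limit that makes the unguarded version terminate, and the timestamp fallback are assumptions.

```php
<?php
// Simplified model of the name derivation described in the ticket comment.
// Not WordPress core code: function names, depth limit and fallback are assumptions.

// Strip the directory part and the last extension from a path.
function stem(string $filename): string {
    return preg_replace('|\.[^.]*$|', '', basename($filename));
}

// Unguarded: when the stem is empty, retry with the parent directory.
// $depth/$max exist only so this demonstration terminates.
function derive_unguarded(string $filename, int $depth = 0, int $max = 5): string {
    if ($depth >= $max) {
        throw new RuntimeException("no progress after $max calls, stuck on '$filename'");
    }
    $stem = stem($filename);
    if ($stem === '') {
        return derive_unguarded(dirname($filename), $depth + 1, $max);
    }
    return $stem . '.tmp';
}

// Guarded: dirname('/') is '/' again, so a parent equal to its input means
// there is nothing left to climb and a fallback name must be used.
function derive_guarded(string $filename): string {
    while (($stem = stem($filename)) === '') {
        $parent = dirname($filename);
        if ($parent === $filename) {
            return time() . '.tmp'; // assumed fallback: timestamp-based name
        }
        $filename = $parent;
    }
    return $stem . '.tmp';
}

// Constructed inputs: install in a subdirectory vs. at the chrooted FTP root.
foreach (['/wordpress/.maintenance', '/.maintenance'] as $path) {
    try {
        echo "unguarded($path) = ", derive_unguarded($path), "\n";
    } catch (RuntimeException $e) {
        echo "unguarded($path) : ", $e->getMessage(), "\n";
    }
    echo "guarded($path)   = ", derive_guarded($path), "\n";
}
```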

