[wp-hackers] EXIF geo data

Heiko Rabe heiko.rabe at code-styling.de
Mon Mar 2 01:58:58 GMT 2009

May be, that this is not the only fix needed:

refere to wp_exif_frac2dec() function and potential manipulated image data:

function wp_exif_frac2dec($str) {
    @list( $n, $d ) = explode( '/', $str );
    if ( !empty($d) )
        return $n / $d;
    return $str;

The empty() test may cover the division by zero too but not if i try 
following string:  "5/-0.0"
The test code (same result at function with this input):

        $c = "5";
        $d = "-0.0";
        echo empty($d) ? "yes" : "no";
        echo '<br/>';
        echo $c / $d;
        echo '<br/>';
and the result of:

*Warning*: Division by zero in 
on line *77*

I think, an appropriated cast to (float) is nessesary to detect such 
string manipulations at wp core dealing with image data.
May be some more functions been affected.


Heiko Rabe

> For reference, the ticket is http://core.trac.wordpress.org/ticket/9257
> That is_float() test needs to be re-thought though.
> -Alan
> On Mar 1, 2009, at 2:14 PM, Tomislav Bišćan wrote:
>> Peter, I will submit a ticket.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list