[wp-trac] [WordPress Trac] #46445: Parameter must be an array or an object that implements Countable
    WordPress Trac 
    noreply at wordpress.org
       
    Tue Apr  2 14:01:10 UTC 2019
    
    
  
#46445: Parameter must be an array or an object that implements Countable
--------------------------+-----------------------
 Reporter:  sanjeevsetu   |       Owner:  (none)
     Type:  defect (bug)  |      Status:  reopened
 Priority:  normal        |   Milestone:
Component:  General       |     Version:  5.1
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
--------------------------+-----------------------
Changes (by l3rady):
 * status:  closed => reopened
 * resolution:  invalid =>
Comment:
 We are seeing our logs fill up with this error since moving to PHP 7.2
 The error doesn't happen for normal circumstances but happens when we have
 people probing our site for vulnerabilities where their query string
 results in the global $pages being returned as null which isn't countable.
 An example query string that triggered it for us is the following:
 `index.php?s=%2Fmodule%2Faction%2Fparam1%2F%24%7B%40print%28eval%28%24_POST%5Bc%5D%29%29%7D`
 decoded as `index.php?s=/module/action/param1/${@print(eval($_POST[c]))}`
 It appears that certain conditions can get Wordpress to result in null for
 $pages and so the code needs to check that $pages are countable.
-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/46445#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
    
    
More information about the wp-trac
mailing list