[wp-trac] [WordPress Trac] #59712: `WP_Ugrader` doesn't check source and destination variable types, is missing a string.
WordPress Trac
noreply at wordpress.org
Wed Apr 10 23:43:07 UTC 2024
#59712: `WP_Ugrader` doesn't check source and destination variable types, is
missing a string.
-------------------------------------------------+-------------------------
Reporter: peterwilsoncc | Owner:
| peterwilsoncc
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 6.6
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests needs- | Focuses:
testing |
-------------------------------------------------+-------------------------
Comment (by afragen):
In testing the PR does function correctly but I found a flaw. If
`$args['source']` is a string and has leading or trailing spaces it passes
the PR check, however, it fails the following line 566
{{{
$source = trailingslashit( $args['source'] ) . trailingslashit(
$source_files[0] );
}}}
It would seem before assigning `$args['source']` to `$source` we should
run `trim( $args['source'] )`
I expect the same should go for `$args['destination']`
I'm not sure in how many places this should happen. It is a curious edge
case but it seems that's what we're testing.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59712#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list