[wp-trac] [WordPress Trac] #63159: load_textdomain tries to load the current working directory as a file

WordPress Trac noreply at wordpress.org
Tue Mar 25 03:09:37 UTC 2025


#63159: load_textdomain tries to load the current working directory as a file
--------------------------+-----------------------------
 Reporter:  tofandel      |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 It all stems from this line in `wp-includes/l10n.php`


 {{{#!php
 <?php
 $success = $i18n_controller->load_file( $file, $domain, $locale );

 if ( $success ) {
         if ( isset( $l10n[ $domain ] ) && $l10n[ $domain ] instanceof MO) {
                 $i18n_controller->load_file( $l10n[ $domain ]->get_filename(), $domain, $locale );
         }
 }}}


 There is no guarantee that `$l10n[ $domain ]->get_filename()` is not empty
 there.

 And if it is, there is no sane check and it tries to load a translation on
 `realpath('')`, which is the current working directory.

 While it doesn't cause any direct issues, this is just something I came
 across while debugging, and I think the following patch should be done:

 --- wp/wp-includes/l10n.php.old 2025-03-25 03:13:47.957506010 +0100
 +++ wp/wp-includes/l10n.php     2025-03-25 03:14:15.295131388 +0100
 @@ -844,7 +844,7 @@
                 $success = $i18n_controller->load_file( $file, $domain,
 $locale );

                 if ( $success ) {
 -                       if ( isset( $l10n[ $domain ] ) && $l10n[ $domain ]
 instanceof MO ) {
 +                       if ( isset( $l10n[ $domain ] ) && $l10n[ $domain ]
 instanceof MO && !empty($l10n[ $domain ]->get_filename())) {
                                 $i18n_controller->load_file( $l10n[
 $domain ]->get_filename(), $domain, $locale );
                         }
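
Review bot: The `!empty(...)` guard added on the `+` line protects only this one call site, so an empty path passed to `load_file()` from anywhere else would still reach `realpath('')`; placing the empty check inside `WP_Translation_Controller` before `realpath`, as the ticket's alternative proposes, would cover every caller. If the call-site guard stays, the new condition should follow the spacing of the surrounding lines (`! empty( $l10n[ $domain ]->get_filename() )`), and since `get_filename()` is now called twice in a row, its result could be stored in a local variable and reused in the `load_file()` call.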

 Or alternatively before `realpath` check if $translation_file is empty in
 WP_Translation_Controller

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/63159>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
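
The alternative named at the end of the ticket (rejecting an empty path before `realpath`), shown as an added example; it is not WordPress core code and not part of the ticket. `resolve_translation_file()` is a hypothetical helper name, and the temporary file is constructed sample input.

```php
<?php
// Added illustration, not WordPress core code.
// resolve_translation_file() is a hypothetical helper name.

/**
 * Resolve a translation file path, or return null when it is unusable.
 */
function resolve_translation_file( string $translation_file ): ?string {
	// PHP interprets realpath( '' ) as the current working directory,
	// so an empty value has to be rejected before resolving.
	if ( '' === $translation_file ) {
		return null;
	}

	$resolved = realpath( $translation_file );
	if ( false === $resolved ) {
		return null; // Path does not exist.
	}

	// is_readable() alone is also true for directories, so a readability
	// check would not have caught the cwd case; require a regular file.
	if ( ! is_file( $resolved ) || ! is_readable( $resolved ) ) {
		return null;
	}

	return $resolved;
}

// Constructed sample input: an empty temp file standing in for a .mo file.
$sample = tempnam( sys_get_temp_dir(), 'mo_' );

// The behaviour described in the ticket: '' resolves to the cwd.
var_dump( realpath( '' ) === getcwd() );
// Empty filename, as get_filename() may return.
var_dump( resolve_translation_file( '' ) );
// A directory path, which is what realpath( '' ) would have produced.
var_dump( resolve_translation_file( sys_get_temp_dir() ) );
// An existing regular file resolves to its canonical path.
var_dump( resolve_translation_file( $sample ) === realpath( $sample ) );

unlink( $sample );
```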