Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTML Api: Fix out of bounds string access #5793

Closed
wants to merge 7 commits into from
Closed

HTML Api: Fix out of bounds string access #5793

wants to merge 7 commits into from

Conversation

sirreal
Copy link
Member

@sirreal sirreal commented Dec 19, 2023
edited
Loading

Trac ticket: https://core.trac.wordpress.org/ticket/60108

The HTML API Tag Processor may attempt to perform out of range string index access, which may manifest as:

ValueError: strpos(): Argument #3 ($offset) must be contained in argument #1 ($haystack)

  • Add tests (failing on current trunk) to Tag Processor test suite that demonstrate the issue.
  • Fix out of range checks.

This PR also reuses a $doc_length variable. There's a strlen( $html ) performed at the top of the function and the result can be reused instead of calling strlen repeatedly.

This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.

@github-actions GitHub Actions
Copy link

Test using WordPress Playground

The changes in this pull request can previewed and tested using a WordPress Playground instance.

WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser.

Some things to be aware of

  • The Plugin and Theme Directories cannot be accessed within Playground.
  • All changes will be lost when closing a tab with a Playground instance.
  • All changes will be lost when refreshing the page.
  • A fresh instance is created each time the link below is clicked.
  • Every time this pull request is updated, a new ZIP file containing all changes is created. If changes are not reflected in the Playground instance,
    it's possible that the most recent build failed, or has not completed. Check the list of workflow runs to be sure.

For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation.

Test this pull request with WordPress Playground.

@sirreal sirreal force-pushed the fix/html-tag-processor-oob-offset branch from 6145140 to 69a7965 Compare December 19, 2023 16:09
@sirreal sirreal marked this pull request as ready for review December 19, 2023 16:19
@sirreal sirreal changed the title HTML Api: Fix out of bounds string index HTML Api: Fix out of bounds string access Dec 19, 2023
@dmsnell
Copy link
Member

dmsnell commented Dec 20, 2023

Rebuilt on to #5725 in aa24abd

@dmsnell
Copy link
Member

dmsnell commented Dec 20, 2023

@sirreal I've cherry-picked my rebuilt change in 9e7167a onto #5725. If you want we can re-target this PR against that branch or close it out. I'm worried about losing the change in the stacked PRs if we merge it first, but if you prefer that we can do that and I'll rebuild avoid-parsing-incomplete-tokens on top of it.

@ockham
Copy link
Contributor

ockham commented Dec 20, 2023
edited
Loading

Committed to Core as part of https://core.trac.wordpress.org/changeset/57211 (see #5793 (comment)).

@ockham ockham closed this Dec 20, 2023
@sirreal sirreal deleted the fix/html-tag-processor-oob-offset branch December 20, 2023 20:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sirreal @dmsnell @ockham