Taxonomy: Check for empty term after DB sanitization in wp_insert_term #5722
Hi @fgiannar! 👋 Thank you for your contribution to WordPress! 💖

It looks like this is your first pull request to No one monitors this repository for new pull requests. Pull requests must be attached to a Trac ticket to be considered for inclusion in WordPress Core. To attach a pull request to a Trac ticket, please include the ticket's full URL in your pull request description.

Pull requests are never merged on GitHub. The WordPress codebase continues to be managed through the SVN repository that this GitHub repository mirrors. Please feel free to open pull requests to work on any contribution you are making. More information about how GitHub pull requests can be used to contribute to WordPress can be found in this blog post.

Please include automated tests. Including tests in your pull request is one way to help your patch be considered faster. To learn about WordPress' test suites, visit the Automated Testing page in the handbook.

If you have not had a chance, please review the Contribute with Code page in the WordPress Core Handbook. The Developer Hub also documents the various coding standards that are followed:

Thank you,
Typo
This tests well for me with a dirty term name. Hotfixing in a production environment also resulted in expected change without any known regressions at this time. Unit test appears sufficient alongside existing tests checking valid term names.
Co-authored-by: Brandon Kraft <public@brandonkraft.com>
Thanks for the PR! Merged in r57251.
When inserting a new term in the database, wp_insert_term will check if the term is empty and return a corresponding error. Afterwards the term is sanitized and inserted in the database. However, there's a chance the term is empty after the DB sanitization.

This is never checked though and will result in 1) empty terms in the DB and 2) possible OOM issues in wp_insert_term when checking if the term name matches an existing one because of using get_terms with an empty name argument.

The current PR:
Trac ticket: https://core.trac.wordpress.org/ticket/59995
This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.
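
The validation-order problem described in the PR, as an added stand-alone sketch (not WordPress core code and not the patch from this PR). All `example_*` functions are hypothetical: the sanitizer stands in for the DB sanitization step, and the lookup assumes that an empty name means "no filter", which models the unbounded result set the description warns about.

```php
<?php
// Added illustration; every example_* name is hypothetical, not a WordPress API.

// Stand-in for DB-context sanitization (assumption: strips tags, trims whitespace).
function example_sanitize_for_db( string $name ): string {
    return trim( strip_tags( $name ) );
}

// Stand-in for a name lookup in which an empty name applies no filter at all
// (assumption), so every stored term is loaded into memory.
function example_find_by_name( array $terms, string $name ): array {
    if ( '' === $name ) {
        return $terms;
    }
    return array_values( array_filter( $terms, fn( $t ) => $t === $name ) );
}

// $recheck = false: only the raw input is checked for emptiness.
// $recheck = true:  the name is checked again after sanitization.
function example_insert_term( string $raw, array &$terms, bool $recheck ): string {
    if ( '' === trim( $raw ) ) {
        return 'error: empty term name';
    }
    $name = example_sanitize_for_db( $raw );
    if ( $recheck && '' === $name ) {
        return 'error: term name empty after sanitization';
    }
    // Duplicate-name lookup: with an empty $name this loads every term.
    $loaded  = count( example_find_by_name( $terms, $name ) );
    $terms[] = $name; // without the re-check, '' can be stored here
    return sprintf( 'stored %s after loading %d existing term(s)', var_export( $name, true ), $loaded );
}

// Constructed sample data: three existing terms, one clean and two "dirty" inputs.
$existing = array( 'News', 'Sports', 'Tech' );
foreach ( array( 'Opinion', '<b></b>', '<i> </i>' ) as $raw ) {
    foreach ( array( false, true ) as $recheck ) {
        $terms = $existing;
        printf(
            "%-10s recheck=%-5s %s\n",
            $raw,
            var_export( $recheck, true ),
            example_insert_term( $raw, $terms, $recheck )
        );
    }
}
```

On a real site the lookup cost in the unchecked path grows with the number of terms in the taxonomy, which is why the empty name matters for memory use and not only for data quality.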