Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-09-24 21:32:51 +02:00
Code Issues Projects Releases Wiki Activity

Upload: Fix the final file name collision test in wp_unique_filename() when uploading a file with upper case extension and limit it to run for each file in the directory + 1. Add a unit test to catch that in the future.

Browse Source 
Props pbiron, azaozz.
Merges [46966] and [46976] to the 5.3 branch.
Fixes #48975.

Built from https://develop.svn.wordpress.org/branches/5.3@46980


git-svn-id: http://core.svn.wordpress.org/branches/5.3@46780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Ozz 2019-12-17 21:20:03 +00:00
parent fd030a496f
commit 99c691c8e2
2 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
wp-includes/functions.php
View File

@ -2410,6 +2410,7 @@ function _wp_upload_dir( $time = null ) {
function wp_unique_filename( $dir, $filename, $unique_filename_callback = null ) {
// Sanitize the file name before we begin processing.
$filename = sanitize_file_name( $filename );
$ext2 = null;
// Separate the filename into a name and extension.
$ext = pathinfo( $filename, PATHINFO_EXTENSION );
@ -2485,10 +2486,19 @@ function wp_unique_filename( $dir, $filename, $unique_filename_callback = null )
}
if ( ! empty( $files ) ) {
while ( _wp_check_existing_file_names( $filename, $files ) ) {
// The extension case may have changed above.
$new_ext = ! empty( $ext2 ) ? $ext2 : $ext;
// Ensure this never goes into infinite loop
// as it uses pathinfo() and regex in the check but string replacement for the changes.
$count = count( $files );
$i = 0;
while ( $i <= $count && _wp_check_existing_file_names( $filename, $files ) ) {
$new_number = (int) $number + 1;
$filename = str_replace( array( "-{$number}{$ext}", "{$number}{$ext}" ), "-{$new_number}{$ext}", $filename );
$filename = str_replace( array( "-{$number}{$new_ext}", "{$number}{$new_ext}" ), "-{$new_number}{$new_ext}", $filename );
$number = $new_number;
$i++;
}
}
}
@ -2530,7 +2540,7 @@ function _wp_check_existing_file_names( $filename, $files ) {
$ext = ".$ext";
}
$regex = '/^' . preg_quote( $fname ) . '-(?:\d+x\d+|scaled|rotated)' . preg_quote( $ext ) . '$/';
$regex = '/^' . preg_quote( $fname ) . '-(?:\d+x\d+|scaled|rotated)' . preg_quote( $ext ) . '$/i';
foreach ( $files as $file ) {
if ( preg_match( $regex, $file ) ) {

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.3.2-alpha-46979';
$wp_version = '5.3.2-alpha-46980';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.