Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Media: Return `WP_Error` when cropping with bad input to avoid fatal. 

This avoids an error on PHP 8 caused by calling `wp_imagecreatetruecolor()` with inputs that aren't numeric, or are less than 0.

Props hellofromtonya, Boniu91, metalandcoffee, SergeyBiryukov.
Reviewed by SergeyBiryukov, iandunn.
Merges [49751] to the 5.6 branch.
Fixes #51937.

Built from https://develop.svn.wordpress.org/branches/5.6@49753


git-svn-id: http://core.svn.wordpress.org/branches/5.6@49476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
iandunn 2020-12-04 21:46:06 +00:00
parent bb64e43912
commit cb323ada27
3 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
wp-includes/class-wp-image-editor-gd.php
View File

@ -323,7 +323,13 @@ class WP_Image_Editor_GD extends WP_Image_Editor {
$dst_h = $src_h;
}
$dst = wp_imagecreatetruecolor( $dst_w, $dst_h );
foreach ( array( $src_w, $src_h, $dst_w, $dst_h ) as $value ) {
if ( ! is_numeric( $value ) || (int) $value <= 0 ) {
return new WP_Error( 'image_crop_error', __( 'Image crop failed.' ), $this->file );
}
}
$dst = wp_imagecreatetruecolor( (int) $dst_w, (int) $dst_h );
if ( $src_abs ) {
$src_w -= $src_x;
@ -334,7 +340,7 @@ class WP_Image_Editor_GD extends WP_Image_Editor {
imageantialias( $dst, true );
}
imagecopyresampled( $dst, $this->image, 0, 0, $src_x, $src_y, $dst_w, $dst_h, $src_w, $src_h );
imagecopyresampled( $dst, $this->image, 0, 0, (int) $src_x, (int) $src_y, (int) $dst_w, (int) $dst_h, (int) $src_w, (int) $src_h );
if ( is_gd_image( $dst ) ) {
imagedestroy( $this->image );

2
wp-includes/media.php
View File

@ -3505,7 +3505,7 @@ function is_gd_image( $image ) {
*
* @param int $width Image width in pixels.
* @param int $height Image height in pixels.
* @return resource|GdImage The GD image resource or GdImage instance.
* @return resource|GdImage|false The GD image resource or GdImage instance on success. False on failure.
*/
function wp_imagecreatetruecolor( $width, $height ) {
$img = imagecreatetruecolor( $width, $height );

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.6-RC3-49749';
$wp_version = '5.6-RC3-49753';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.