
Changeset 62176


Timestamp:
03/30/2026 12:16:18 AM (7 days ago)
Author:
westonruter
Message:

Media: Guard against false return values from wp_get_attachment_image_src() and wp_getimagesize().

  • Add is_array() checks before accessing return values from wp_get_attachment_image_src() in get_oembed_response_data_rich(), wp_playlist_shortcode(), and wp_prepare_attachment_for_js().
  • Guard wp_getimagesize() calls within wp_get_attachment_image_src() itself.
  • Ensure wp_get_attachment_image_src() always returns the expected array{0: string, 1: int, 2: int, 3: bool} type or false by normalizing the filter result with explicit type casting and default values.
  • Add @phpstan-return annotations to both wp_get_attachment_image_src() and wp_getimagesize() for the specific array shapes.

Developed in https://github.com/WordPress/wordpress-develop/pull/11073

Props hbhalodia, westonruter, mukesh27, edent, ozgursar, roshniahuja14.
Fixes #64742.

Location:
trunk/src/wp-includes
Files:
2 edited

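--- a/trunk/src/wp-includes/embed.php
+++ b/trunk/src/wp-includes/embed.php
@@ -740,8 +740,11 @@
 
     if ( $thumbnail_id ) {
-        list( $thumbnail_url, $thumbnail_width, $thumbnail_height ) = wp_get_attachment_image_src( $thumbnail_id, array( $width, 0 ) );
-        $data['thumbnail_url']                                      = $thumbnail_url;
-        $data['thumbnail_width']                                    = $thumbnail_width;
-        $data['thumbnail_height']                                   = $thumbnail_height;
+        $thumbnail_src = wp_get_attachment_image_src( $thumbnail_id, array( $width, 0 ) );
+
+        if ( is_array( $thumbnail_src ) ) {
+            $data['thumbnail_url']    = $thumbnail_src[0];
+            $data['thumbnail_width']  = $thumbnail_src[1];
+            $data['thumbnail_height'] = $thumbnail_src[2];
+        }
     }
 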
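Review bot: The new `is_array( $thumbnail_src )` guard leaves all three thumbnail keys out of `$data` when the lookup fails, and nothing in the hunk records that this omission is intended. A short comment above the guard would state the reason, for example `// Omit the thumbnail fields entirely when no image source is available; oEmbed expects url, width and height together.` Before this change the removed `list()` assignment presumably still set the three keys (to null) after a failed lookup, so a consumer that reads them unconditionally now sees a different response shape. The enclosing function starts and ends outside the hunk.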
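--- a/trunk/src/wp-includes/media.php
+++ b/trunk/src/wp-includes/media.php
@@ -973,4 +973,5 @@
  *     @type bool   $3 Whether the image is a resized image.
  * }
+ * @phpstan-return array{ 0: string, 1: int, 2: int, 3: bool }|false
  */
 function wp_get_attachment_image_src( $attachment_id, $size = 'thumbnail', $icon = false ) {
@@ -978,5 +979,7 @@
     $image = image_downsize( $attachment_id, $size );
     if ( ! $image ) {
-        $src = false;
+        $src    = false;
+        $width  = 0;
+        $height = 0;
 
         if ( $icon ) {
@@ -989,5 +992,9 @@
                 $src_file = $icon_dir . '/' . wp_basename( $src );
 
-                list( $width, $height ) = wp_getimagesize( $src_file );
+                $image_size = wp_getimagesize( $src_file );
+                if ( is_array( $image_size ) ) {
+                    $width  = $image_size[0];
+                    $height = $image_size[1];
+                }
 
                 $ext = strtolower( substr( $src_file, -4 ) );
@@ -998,5 +1005,9 @@
                     $height = 64;
                 } else {
-                    list( $width, $height ) = wp_getimagesize( $src_file );
+                    $image_size = wp_getimagesize( $src_file );
+                    if ( is_array( $image_size ) ) {
+                        $width  = $image_size[0];
+                        $height = $image_size[1];
+                    }
                 }
             }
@@ -1025,5 +1036,14 @@
      * @param bool         $icon          Whether the image should be treated as an icon.
      */
-    return apply_filters( 'wp_get_attachment_image_src', $image, $attachment_id, $size, $icon );
+    $source = apply_filters( 'wp_get_attachment_image_src', $image, $attachment_id, $size, $icon );
+    if ( is_array( $source ) && isset( $source[0] ) && is_string( $source[0] ) ) {
+        return array(
+            $source[0],
+            (int) ( $source[1] ?? 0 ),
+            (int) ( $source[2] ?? 0 ),
+            (bool) ( $source[3] ?? false ),
+        );
+    }
+    return false;
 }
 
@@ -3231,8 +3251,21 @@
             $thumb_id = get_post_thumbnail_id( $attachment->ID );
             if ( ! empty( $thumb_id ) ) {
-                list( $src, $width, $height ) = wp_get_attachment_image_src( $thumb_id, 'full' );
-                $track['image']               = compact( 'src', 'width', 'height' );
-                list( $src, $width, $height ) = wp_get_attachment_image_src( $thumb_id, 'thumbnail' );
-                $track['thumb']               = compact( 'src', 'width', 'height' );
+                $image_src_full = wp_get_attachment_image_src( $thumb_id, 'full' );
+                if ( is_array( $image_src_full ) ) {
+                    $track['image'] = array(
+                        'src'    => $image_src_full[0],
+                        'width'  => $image_src_full[1],
+                        'height' => $image_src_full[2],
+                    );
+                }
+
+                $image_src_thumb = wp_get_attachment_image_src( $thumb_id, 'thumbnail' );
+                if ( is_array( $image_src_thumb ) ) {
+                    $track['thumb'] = array(
+                        'src'    => $image_src_thumb[0],
+                        'width'  => $image_src_thumb[1],
+                        'height' => $image_src_thumb[2],
+                    );
+                }
             } else {
                 $src            = wp_mime_type_icon( $attachment->ID, '.svg' );
@@ -4712,8 +4745,21 @@
         $id = get_post_thumbnail_id( $attachment->ID );
         if ( ! empty( $id ) ) {
-            list( $src, $width, $height ) = wp_get_attachment_image_src( $id, 'full' );
-            $response['image']            = compact( 'src', 'width', 'height' );
-            list( $src, $width, $height ) = wp_get_attachment_image_src( $id, 'thumbnail' );
-            $response['thumb']            = compact( 'src', 'width', 'height' );
+            $response_image_full = wp_get_attachment_image_src( $id, 'full' );
+            if ( is_array( $response_image_full ) ) {
+                $response['image'] = array(
+                    'src'    => $response_image_full[0],
+                    'width'  => $response_image_full[1],
+                    'height' => $response_image_full[2],
+                );
+            }
+
+            $response_image_thumb = wp_get_attachment_image_src( $id, 'thumbnail' );
+            if ( is_array( $response_image_thumb ) ) {
+                $response['thumb'] = array(
+                    'src'    => $response_image_thumb[0],
+                    'width'  => $response_image_thumb[1],
+                    'height' => $response_image_thumb[2],
+                );
+            }
         } else {
             $src               = wp_mime_type_icon( $attachment->ID, '.svg' );
@@ -5725,4 +5771,5 @@
  * @param array  $image_info Optional. Extended image information (passed by reference).
  * @return array|false Array of image information or false on failure.
+ * @phpstan-return array{ 0: int, 1: int, 2: int, 3: string, mime: string, bits?: int, channels?: int }|false
  */
 function wp_getimagesize( $filename, ?array &$image_info = null ) {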
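Review bot: In the normalization that follows `apply_filters( 'wp_get_attachment_image_src', … )` (new lines 1038–1047), an empty string in `$source[0]` still passes `is_string()` and is returned as a successful result, so the callers in this commit that now branch on `is_array()` would carry an empty `src` forward. The filter return is where third-party code feeds this function, so the guard could reject that case at the same spot: `if ( is_array( $source ) && isset( $source[0] ) && is_string( $source[0] ) && '' !== $source[0] ) {`. The `(int)` casts also coerce non-numeric filter values without any notice, and elements beyond index 3 are dropped; one sentence in the filter's docblock saying that the result is normalized to four typed elements would tell plugin authors about both. The docblock begins outside the hunk, so it may already say so.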