From 6fa0293156b95cdc5dac91d56ce52fd3f6cafe4c Mon Sep 17 00:00:00 2001 From: Igor Zinovyev Date: Mon, 23 Dec 2024 17:35:46 +0300 Subject: [PATCH 1/2] Added a special case for non-array data. --- projects/plugins/jetpack/class.json-api-endpoints.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/projects/plugins/jetpack/class.json-api-endpoints.php b/projects/plugins/jetpack/class.json-api-endpoints.php index d3a2225cd16aa..794bd049d6545 100644 --- a/projects/plugins/jetpack/class.json-api-endpoints.php +++ b/projects/plugins/jetpack/class.json-api-endpoints.php @@ -2254,6 +2254,11 @@ public function handle_media_creation_v1_1( $media_files, $media_urls, $media_at if ( ! $user_can_upload_files ) { $media_id = new WP_Error( 'unauthorized', 'User cannot upload media.', 403 ); + } elseif ( ! is_array( $media_item ) ) { + $media_id = new WP_Error( 'invalid_input', 'Unable to process request.', 400 ); + $media_item = array( + 'name' => 'invalid_file', + ); } elseif ( $this->media_item_is_free_video_mobile_upload_and_too_long( $media_item ) ) { $media_id = new WP_Error( 'upload_video_length', 'Video uploads longer than 5 minutes require a paid plan.', 400 ); } else { From fb593d19370995b727e1e2b9d5d9e395f9470ac5 Mon Sep 17 00:00:00 2001 From: Igor Zinovyev Date: Mon, 23 Dec 2024 17:37:01 +0300 Subject: [PATCH 2/2] Changelog. --- .../jetpack/changelog/add-safeguard-for-invalid-uploads | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 projects/plugins/jetpack/changelog/add-safeguard-for-invalid-uploads diff --git a/projects/plugins/jetpack/changelog/add-safeguard-for-invalid-uploads b/projects/plugins/jetpack/changelog/add-safeguard-for-invalid-uploads new file mode 100644 index 0000000000000..a33a6a3d5a1e2 --- /dev/null +++ b/projects/plugins/jetpack/changelog/add-safeguard-for-invalid-uploads @@ -0,0 +1,4 @@ +Significance: patch +Type: other + +Jetpack API: Fixed a bug where invalid upload input caused a fatal error.