From 55560a708f4e392d57b855bdbe71a305925499b1 Mon Sep 17 00:00:00 2001
From: "K. Adam White"
Date: Wed, 9 Oct 2019 17:36:01 +0000
Subject: [PATCH] REST API: Do not addslash when receiving meta arrays of non-string values. Slashing non-string data caused PUT requests containing unmodified meta arrays of integers to fail the check against the existing stored meta value, causing a 500 when posting an unmodified response body back to the server. Props TimothyBlynJacobs, augustuswm. Fixes #48264. Built from https://develop.svn.wordpress.org/trunk@46454 git-svn-id: http://core.svn.wordpress.org/trunk@46252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/formatting.php | 27 +++++++++++++++++++
 .../fields/class-wp-rest-meta-fields.php | 2 +-
 wp-includes/version.php | 2 +-
 3 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index 6266f97877..5928df9600 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -5406,6 +5406,33 @@ function wp_unslash( $value ) {
 return stripslashes_deep( $value );
 }
+/**
+ * Adds slashes to only string values in an array of values.
+ *
+ * This should be used when preparing data for core APIs that expect slashed data.
+ * This should not be used to escape data going directly into an SQL query.
+ *
+ * @since 5.3.0
+ *
+ * @param mixed $value Scalar or array of scalars.
+ * @return mixed Slashes $value
+ */
+function wp_slash_strings_only( $value ) {
+ return map_deep( $value, 'addslashes_strings_only' );
+}
+
+/**
+ * Adds slashes only if the provided value is a string.
+ *
+ * @since 5.3.0
+ *
+ * @param mixed $value
+ * @return mixed
+ */
+function addslashes_strings_only( $value ) {
+ return is_string( $value ) ? addslashes( $value ) : $value;
+}
+
 /**
 * Extract and return the first URL from passed content.
 *
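Review bot: The `@return mixed Slashes $value` line in the `wp_slash_strings_only()` docblock is a typo and does not say what happens to non-strings; `@return mixed Slashed $value, with non-string values returned unchanged.` would state the contract. The `@param` and `@return` tags on `addslashes_strings_only()` carry no description; `@param mixed $value Value to slash if it is a string.` and `@return mixed Slashed string, or the value unchanged if it is not a string.` would fill them. `@param mixed $value Scalar or array of scalars.` may also understate the input, since the work is delegated to `map_deep()`, which presumably walks nested structures beyond flat arrays; confirm against `map_deep()`. As a point of style, `addslashes_strings_only()` is a new global function without the `wp_` prefix its sibling has, which raises the chance of a redeclaration clash with third-party code.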
diff --git a/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php b/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
index b3ea89a86e..411fc5460c 100644
--- a/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
+++ b/wp-includes/rest-api/fields/class-wp-rest-meta-fields.php
@@ -365,7 +365,7 @@ abstract class WP_REST_Meta_Fields {
 }
 }
- if ( ! update_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash( $value ) ) ) {
+ if ( ! update_metadata( $meta_type, $object_id, wp_slash( $meta_key ), wp_slash_strings_only( $value ) ) ) {
 return new WP_Error(
 'rest_meta_database_error',
 /* translators: %s: Custom field key. */
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 1f429d4513..fd57d12b71 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '5.3-beta3-46453';
+$wp_version = '5.3-beta3-46454';
 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
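Review bot: The switch to `wp_slash_strings_only( $value )` in the `update_metadata()` call of `class-wp-rest-meta-fields.php` has no comment explaining why the value is slashed differently from `wp_slash( $meta_key )` beside it, so a later cleanup could revert it without noticing. A line above the `if` such as `// Slash strings only: slashing non-string values alters them and breaks the comparison with the stored meta value.` would record the reason given in the commit message. The enclosing method starts and ends outside the hunk, so any other meta writes in this class that still pass `wp_slash( $value )` are not visible here and are worth checking for the same failure.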