Contrib.social

create_function is deprecated in PHP 7.2

Open on Drupal.org β†’
Created on 25 June 2018, over 6 years ago
Updated 19 July 2023, over 1 year ago

As of PHP 7.2, create_function is supposed to be replaced by anonymous functions, added in 5.3.

Create function is used in one place, in the drush command, as per this issue: https://www.drupal.org/project/entitycache/issues/2086633 β†’

Entitycache has a minimum PHP version of 5.3, as per this issue: https://www.drupal.org/project/entitycache/issues/2619270 β†’

So the solution seems pretty straight-forward.

πŸ› Bug report
Status

Fixed

Version

1.5

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States MPetrovic

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 1 year ago β†’
    πŸ‡ΊπŸ‡ΈUnited States philsward

    +1 for an updated release to fix this issue.

  • Comment over 1 year ago β†’
    πŸ‡¬πŸ‡§United Kingdom mcdruid πŸ‡¬πŸ‡§πŸ‡ͺπŸ‡Ί

    There's an issue about a 7.x-1.6 release πŸ“Œ Issues to fix as part of next stable release (7.x-1.6) Fixed .

    The presence of create_function() in the current release could be exploited to gain Remote Code Execution although the conditions for this to happen are pretty extreme / unlikely. It could represent part of a chained attack though.

    I filed a private security issues about this a long time ago and it was agreed that the discussion could take place in public.

    I won't put the exact details here just yet as the "vulnerable" code is still in the latest supported release.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024