From af8afb943e277e8f72e2a777b99362edc1002a18 Mon Sep 17 00:00:00 2001
From: Jake Spurlock <whyisjake@git.wordpress.org>
Date: Mon, 14 Oct 2019 15:25:38 +0000
Subject: [PATCH] HTTP API: Protect against hex interpretation.

Return earlier from wp_http_validate_url().

Props: iandunn, xknown, voldemortensen, whyisjake.


git-svn-id: https://develop.svn.wordpress.org/trunk@46475 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/http.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/wp-includes/http.php b/src/wp-includes/http.php
index 36922da60e..3356b97162 100644
--- a/src/wp-includes/http.php
+++ b/src/wp-includes/http.php
@@ -550,7 +550,7 @@ function wp_http_validate_url( $url ) {
 		} else {
 			$ip = gethostbyname( $host );
 			if ( $ip === $host ) { // Error condition for gethostbyname()
-				$ip = false;
+				return false;
 			}
 		}
 		if ( $ip ) {