From f0b9adc7ae79bc2d009fa785880a9470b07aafb3 Mon Sep 17 00:00:00 2001
From: "Jorge A. Torres"
Date: Wed, 15 Jun 2022 14:49:11 -0300
Subject: [PATCH] Make sure payment gateway title is a string before sanitizing (#33434)

Make sure payment gateway title is a string before sanitizing.
* Add changelog
* Drop type-hint in `validate_safe_text_field()`
* Update plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php
Co-authored-by: Barry Hughes <3594411+barryhughes@users.noreply.github.com>
---
 .../changelog/html-sanitizer-on-null-gateway-title | 4 ++++
 .../includes/abstracts/abstract-wc-payment-gateway.php | 2 +-
 .../includes/abstracts/abstract-wc-settings-api.php | 4 ++--
 3 files changed, 7 insertions(+), 3 deletions(-)
 create mode 100644 plugins/woocommerce/changelog/html-sanitizer-on-null-gateway-title
diff --git a/plugins/woocommerce/changelog/html-sanitizer-on-null-gateway-title b/plugins/woocommerce/changelog/html-sanitizer-on-null-gateway-title
new file mode 100644
index 00000000000..4090c123adb
--- /dev/null
+++ b/plugins/woocommerce/changelog/html-sanitizer-on-null-gateway-title
@@ -0,0 +1,4 @@
+Significance: patch
+Type: fix
+
+Make sure payment gateway title is a string before sanitizing
diff --git a/plugins/woocommerce/includes/abstracts/abstract-wc-payment-gateway.php b/plugins/woocommerce/includes/abstracts/abstract-wc-payment-gateway.php
index 6e8f947297c..a50cd25016c 100644
--- a/plugins/woocommerce/includes/abstracts/abstract-wc-payment-gateway.php
+++ b/plugins/woocommerce/includes/abstracts/abstract-wc-payment-gateway.php
@@ -305,7 +305,7 @@ abstract class WC_Payment_Gateway extends WC_Settings_API {
 * @return string
 */
 public function get_title() {
- $title = wc_get_container()->get( HtmlSanitizer::class )->sanitize( $this->title, HtmlSanitizer::LOW_HTML_BALANCED_TAGS_NO_LINKS );
+ $title = wc_get_container()->get( HtmlSanitizer::class )->sanitize( (string) $this->title, HtmlSanitizer::LOW_HTML_BALANCED_TAGS_NO_LINKS );
 return apply_filters( 'woocommerce_gateway_title', $title, $this->id );
 }

diff --git a/plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php b/plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php
index 2debc123e6a..6d330cfe172 100644
--- a/plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php
+++ b/plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php
@@ -868,8 +868,8 @@ abstract class WC_Settings_API {
 *
 * @return string
 */
- public function validate_safe_text_field( string $key, string $value ): string {
- return wc_get_container()->get( HtmlSanitizer::class )->sanitize( $value, HtmlSanitizer::LOW_HTML_BALANCED_TAGS_NO_LINKS );
+ public function validate_safe_text_field( string $key, ?string $value ): string {
+ return wc_get_container()->get( HtmlSanitizer::class )->sanitize( (string) $value, HtmlSanitizer::LOW_HTML_BALANCED_TAGS_NO_LINKS );
 }

 /**
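Review bot: The `(string)` cast in `get_title()` covers null and scalars only. If `$this->title` can hold anything else (its declaration is outside the hunk), an array is rendered as the literal `Array` with a conversion notice or warning, and an object without `__toString()` throws. Normalising first with `$title = is_scalar( $this->title ) ? (string) $this->title : '';` and passing `$title` to `sanitize()` would close that gap. Separately, the sanitized value is passed through the `woocommerce_gateway_title` filter before it is returned, so the result is only as clean as the hooked callbacks leave it. A docblock line such as `Filtered after sanitizing; escape on output.` would tell callers that; the docblock begins above the hunk.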
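Review bot: `validate_safe_text_field()` still declares `?string $value`, so the parameter type check runs before the `(string)` cast, and a non-string argument such as an array would raise a `TypeError` instead of being normalised. Whether such a value can reach this method depends on callers that are not visible here. The commit message says the type hint is dropped, but the new signature only makes it nullable. If the intent is to tolerate whatever the settings form submits, remove the hint on `$value` and normalise inside with `$value = is_scalar( $value ) ? (string) $value : '';` before calling `sanitize()`. The `@param` line for `$value` sits above the hunk and presumably needs updating to match the accepted types.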