From: [EMAIL PROTECTED] Operating system: RedHat Linux 8.0 (2.4.18) PHP version: 4CVS-2003-02-04 (stable) PHP Bug Type: IMAP related Bug description: imap_header() crashes with bad To: or From: header
This is a very similar issue to bug #19280 (http://bugs.php.net/bug.php?id=19280), but that bug was closed and this issue still exists. php4-STABLE-200302041230 imap-2001a (from RedHat 8.0) apache-2.0.44 (happens from CLI too, so probably irrelevant) also occurs with php-4.3.0, apache-2.0.43 Strangely constructed To: or From: header causes a segfault, even from CLI php. Here are sample headers to reconstruct the problem: --- >From [EMAIL PROTECTED] Mon Feb 3 14:08:06 2003 Return-Path: <[EMAIL PROTECTED]> Date: Mon, 3 Feb 2003 14:08:08 -0500 From: PHP Test Case <[EMAIL PROTECTED]> To: \\\\\\\\\\\\\\\\\\\ <[EMAIL PROTECTED]> Subject: test 4 MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit --- Swapping the To: and From: headers causes the same problem. The following script will reproduce the segfault: --- <?php $mailbox = imap_open( "{127.0.0.1:143/imap/notls}"."test", "rob", "******", OP_READONLY); $header = imap_header($mailbox, 1); echo $header->toaddress . "\n"; echo $header->fromaddress . "\n"; imap_close($mailbox); ?> --- Notes: In ext/imap/php_imap.c, if I change the define: #define PHP_IMAP_ADDRESS_SIZE_BUF 10 to something larger, say 100, the segfault disappears. Since PHP_IMAP_ADDRESS_SIZE_BUF was added to solve bug #19280 I thought this may be a related issue. The badly constructed address above (\\\\\\\\\\\\\\\\\\\ <[EMAIL PROTECTED]>) was the shortest test case I could come up with. Note that reducing the number of backslashes makes it work, but adding the same number of alphanumeric characters back into the email address itself (between the <>) breaks it again. An older server running PHP 4.1.2, imap-2001a, Apache 1.3.27, Horde/IMP, was not affected by the same messages. Thanks for looking into this! Let me know if you need additional information. PHP ./configure line pasted below: './configure' '--prefix=/usr/local/php4-STABLE-200302041230' '--with-config-file-path=/etc' '--enable-force-cgi-redirect' '--disable-debug' '--enable-pic' '--disable-rpath' '--enable-inline-optimization' '--with-bz2' '--with-db4' '--with-zlib' '--with-gd' '--with-png-dir=/usr' '--with-freetype-dir=/usr' '--enable-gd-native-ttf' '--with-ttf' '--with-gdbm' '--with-gettext' '--with-ncurses' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-png' '--with-pspell' '--with-regex=system' '--with-xml' '--with-expat-dir=/usr' '--enable-bcmath' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-safe-mode=no' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-discard-path' '--enable-track-vars' '--enable-trans-sid' '--without-oci8' '--with-pear=/usr/share/pear' '--with-imap=shared' '--with-imap-ssl' '--with-ldap=shared' '--with-mysql=shared,/usr' '--enable-memory-limit' '--enable-bcmath' '--enable-shmop' '--enable-versioning' '--with-apxs2=/usr/local/apache-2.0.44/bin/apxs' '--with-kerberos=/usr/kerberos' -- Edit bug report at http://bugs.php.net/?id=22048&edit=1 -- Try a CVS snapshot: http://bugs.php.net/fix.php?id=22048&r=trysnapshot Fixed in CVS: http://bugs.php.net/fix.php?id=22048&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=22048&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=22048&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=22048&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=22048&r=support Expected behavior: http://bugs.php.net/fix.php?id=22048&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=22048&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=22048&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=22048&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=22048&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=22048&r=dst IIS Stability: http://bugs.php.net/fix.php?id=22048&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=22048&r=gnused
