jani Mon Aug 4 21:16:22 2008 UTC Added files: (Branch: PHP_5_2) /php-src/ext/imap/tests bug45705_1.phpt bug45705_2.phpt
Modified files: /php-src NEWS /php-src/ext/imap php_imap.c Log: MFH:- Fixed bug #45705 (rfc822_parse_adrlist() modifies passed address parameter) http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1187&r2=1.2027.2.547.2.1188&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.1187 php-src/NEWS:1.2027.2.547.2.1188 --- php-src/NEWS:1.2027.2.547.2.1187 Sat Aug 2 20:49:47 2008 +++ php-src/NEWS Mon Aug 4 21:16:21 2008 @@ -14,6 +14,8 @@ - Fixed a regression when using strip_tags() and < is within an attribute. (Scott) +- Fixed bug #45705 (rfc822_parse_adrlist() modifies passed address parameter). + (Jani) - Fixed bug #45691 (Some per-dir or runtime settings may leak into other requests). (Moriyoshi) - Fixed bug #45568 (ISAPI doesn't properly clear auth_digest in header). http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.7.2.35&r2=1.208.2.7.2.36&diff_format=u Index: php-src/ext/imap/php_imap.c diff -u php-src/ext/imap/php_imap.c:1.208.2.7.2.35 php-src/ext/imap/php_imap.c:1.208.2.7.2.36 --- php-src/ext/imap/php_imap.c:1.208.2.7.2.35 Mon Aug 4 20:54:20 2008 +++ php-src/ext/imap/php_imap.c Mon Aug 4 21:16:22 2008 @@ -26,7 +26,7 @@ | PHP 4.0 updates: Zeev Suraski <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: php_imap.c,v 1.208.2.7.2.35 2008/08/04 20:54:20 jani Exp $ */ +/* $Id: php_imap.c,v 1.208.2.7.2.36 2008/08/04 21:16:22 jani Exp $ */ #define IMAP41 @@ -2157,7 +2157,8 @@ zval **str, **defaulthost, *tovals; ADDRESS *addresstmp; ENVELOPE *env; - + char *str_copy; + if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &str, &defaulthost) == FAILURE) { ZEND_WRONG_PARAM_COUNT(); } @@ -2168,7 +2169,10 @@ env = mail_newenvelope(); - rfc822_parse_adrlist(&env->to, Z_STRVAL_PP(str), Z_STRVAL_PP(defaulthost)); + /* rfc822_parse_adrlist() modifies passed string. Copy it. */ + str_copy = estrndup(Z_STRVAL_PP(str), Z_STRLEN_PP(str)); + rfc822_parse_adrlist(&env->to, str_copy, defaulthost); + efree(str_copy); array_init(return_value); @@ -2964,7 +2968,7 @@ BODY *bod=NULL, *topbod=NULL; PART *mypart=NULL, *part; PARAMETER *param, *disp_param = NULL, *custom_headers_param = NULL, *tmp_param = NULL; - char *tmp=NULL, *mystring=NULL, *t=NULL, *tempstring=NULL; + char *tmp=NULL, *mystring=NULL, *t=NULL, *tempstring=NULL, *str_copy = NULL; int toppart = 0; if (ZEND_NUM_ARGS() != 2 || zend_get_parameters_ex(2, &envelope, &body) == FAILURE) { @@ -2981,50 +2985,55 @@ RETURN_FALSE; } +#define PHP_RFC822_PARSE_ADRLIST(target, value) \ + str_copy = estrndup(Z_STRVAL_PP(value), Z_STRLEN_PP(value)); \ + rfc822_parse_adrlist(target, str_copy, "NO HOST"); \ + efree(str_copy); + env = mail_newenvelope(); if (zend_hash_find(Z_ARRVAL_PP(envelope), "remail", sizeof("remail"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - env->remail=cpystr(Z_STRVAL_PP(pvalue)); + env->remail = cpystr(Z_STRVAL_PP(pvalue)); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "return_path", sizeof("return_path"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue) - rfc822_parse_adrlist(&env->return_path, Z_STRVAL_PP(pvalue), "NO HOST"); + PHP_RFC822_PARSE_ADRLIST(&env->return_path, pvalue); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "date", sizeof("date"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - env->date=cpystr(Z_STRVAL_PP(pvalue)); + env->date = cpystr(Z_STRVAL_PP(pvalue)); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "from", sizeof("from"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - rfc822_parse_adrlist (&env->from, Z_STRVAL_PP(pvalue), "NO HOST"); + PHP_RFC822_PARSE_ADRLIST(&env->from, pvalue); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "reply_to", sizeof("reply_to"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - rfc822_parse_adrlist (&env->reply_to, Z_STRVAL_PP(pvalue), "NO HOST"); + PHP_RFC822_PARSE_ADRLIST(&env->reply_to, pvalue); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "in_reply_to", sizeof("in_reply_to"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - env->in_reply_to=cpystr(Z_STRVAL_PP(pvalue)); + env->in_reply_to = cpystr(Z_STRVAL_PP(pvalue)); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "subject", sizeof("subject"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - env->subject=cpystr(Z_STRVAL_PP(pvalue)); + env->subject = cpystr(Z_STRVAL_PP(pvalue)); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "to", sizeof("to"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - rfc822_parse_adrlist (&env->to, Z_STRVAL_PP(pvalue), "NO HOST"); + PHP_RFC822_PARSE_ADRLIST(&env->to, pvalue); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "cc", sizeof("cc"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - rfc822_parse_adrlist (&env->cc, Z_STRVAL_PP(pvalue), "NO HOST"); + PHP_RFC822_PARSE_ADRLIST(&env->cc, pvalue); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "bcc", sizeof("bcc"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - rfc822_parse_adrlist (&env->bcc, Z_STRVAL_PP(pvalue), "NO HOST"); + PHP_RFC822_PARSE_ADRLIST(&env->bcc, pvalue); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "message_id", sizeof("message_id"), (void **) &pvalue)== SUCCESS) { convert_to_string_ex(pvalue); - env->message_id=cpystr(Z_STRVAL_PP(pvalue)); + env->message_id = cpystr(Z_STRVAL_PP(pvalue)); } if (zend_hash_find(Z_ARRVAL_PP(envelope), "custom_headers", sizeof("custom_headers"), (void **) &pvalue)== SUCCESS) { http://cvs.php.net/viewvc.cgi/php-src/ext/imap/tests/bug45705_1.phpt?view=markup&rev=1.1 Index: php-src/ext/imap/tests/bug45705_1.phpt +++ php-src/ext/imap/tests/bug45705_1.phpt --TEST-- Bug #45705 test #1 (imap rfc822_parse_adrlist() modifies passed address parameter) --SKIPIF-- <?php if (!extension_loaded("imap")) { die("skip imap extension not available"); } ?> --FILE-- <?php $address = 'John Doe <[EMAIL PROTECTED]>'; var_dump($address); imap_rfc822_parse_adrlist($address, null); var_dump($address); ?> --EXPECT-- unicode(27) "John Doe <[EMAIL PROTECTED]>" unicode(27) "John Doe <[EMAIL PROTECTED]>" http://cvs.php.net/viewvc.cgi/php-src/ext/imap/tests/bug45705_2.phpt?view=markup&rev=1.1 Index: php-src/ext/imap/tests/bug45705_2.phpt +++ php-src/ext/imap/tests/bug45705_2.phpt --TEST-- Bug #45705 test #2 (imap rfc822_parse_adrlist() modifies passed address parameter) --SKIPIF-- <?php if (!extension_loaded("imap")) { die("skip imap extension not available"); } ?> --FILE-- <?php $envelope = array('return_path' => 'John Doe <[EMAIL PROTECTED]>', 'from' => 'John Doe <[EMAIL PROTECTED]>', 'reply_to' => 'John Doe <[EMAIL PROTECTED]>', 'to' => 'John Doe <[EMAIL PROTECTED]>', 'cc' => 'John Doe <[EMAIL PROTECTED]>', 'bcc' => 'John Doe <[EMAIL PROTECTED]>', ); var_dump($envelope); imap_mail_compose($envelope, array(1 => array())); var_dump($envelope); ?> --EXPECT-- array(6) { [u"return_path"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"from"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"reply_to"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"to"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"cc"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"bcc"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" } array(6) { [u"return_path"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"from"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"reply_to"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"to"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"cc"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" [u"bcc"]=> unicode(27) "John Doe <[EMAIL PROTECTED]>" } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php