ID: 19307
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Mail related
Operating System: FreeBSD
PHP Version: 4.2.3
New Comment:
I would really appreciate it if this patch could make it into the
official PHP distribution. It's not unusual to have safe_mode on and
insist that users have to change the Envelope-From when sending mail.
Previous Comments:
------------------------------------------------------------------------
[2002-09-10 04:54:21] [EMAIL PROTECTED]
I live now with this patch ...
--- ext/standard/mail.c.orig Sat Aug 24 13:38:13 2002
+++ ext/standard/mail.c Tue Sep 10 11:19:33 2002
@@ -72,11 +72,6 @@
char *to=NULL, *message=NULL, *headers=NULL, *subject=NULL,
*extra_cmd=NULL;
int
to_len,message_len,headers_len,subject_len,extra_cmd_len,i;
- if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) {
- php_error(E_WARNING, "%s(): SAFE MODE Restriction in
effect. The fifth parameter is disabled in SAFE MODE.",
get_active_function_name(TSRMLS_C));
- RETURN_FALSE;
- }
-
if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ss",
&to,
&to_len,
&subject,
&subject_len,
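Review bot: the safe_mode rejection is removed here rather than moved, so in safe mode a fifth argument now passes zend_parse_parameters and reaches the code below; that is the intent, but the replacement block in the next hunk must keep the same `PG(safe_mode) && (ZEND_NUM_ARGS() == 5)` gate and must sit before the `php_escape_shell_arg(extra_cmd)` call, otherwise a window opens where the unescaped, unchecked string is usable. Please confirm that nothing between the parse call and the new block touches extra_cmd.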
@@ -111,6 +106,33 @@
}
}
+ if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) {
+ if (extra_cmd > 0) {
+ if (extra_cmd[0] != '-' || extra_cmd[1] != 'f')
{
+ php_error(E_WARNING,
+ "%s(): SAFE MODE Restriction in
effect. SAFE MODE does only allow -f as fifth parameter.",
+
get_active_function_name(TSRMLS_C));
+ RETURN_FALSE;
+ }
+ }
+ for(;extra_cmd_len;extra_cmd_len--) {
+ if(!isspace((unsigned
char)extra_cmd[extra_cmd_len-1]))break;
+ to[extra_cmd_len-1]='\0';
+ }
+ for(i=2;extra_cmd[i];i++) {
+ if (iscntrl((unsigned char)extra_cmd[i])) {
+ php_error(E_WARNING,
+ "%s(): SAFE MODE Restriction in
effect. Forbidden control characters found in fifth parameter.",
+
get_active_function_name(TSRMLS_C));
+ RETURN_FALSE;
+ }
+ if (isspace((unsigned char)extra_cmd[i - 1]) &&
extra_cmd[i] == '-') {
+ php_error(E_WARNING,
+ "%s(): SAFE MODE Restriction in
effect. SAFE MODE does only allow -f and only one parameter.",
+
get_active_function_name(TSRMLS_C));
+ }
+ }
+ }
if(extra_cmd)
extra_cmd = php_escape_shell_arg(extra_cmd);
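Review bot: the "SAFE MODE does only allow -f and only one parameter" branch at the end of the hunk calls php_error but never RETURN_FALSE, so a fifth argument such as `-faddr -oi` is warned about and then still handed to php_escape_shell_arg; add `RETURN_FALSE;` after that php_error as the two earlier branches do. Two further defects in the same hunk: the trailing-whitespace loop writes `to[extra_cmd_len-1]='\0';`, which truncates the recipient string instead of the option string (it should be `extra_cmd[extra_cmd_len-1]='\0';`), and `if (extra_cmd > 0)` compares a pointer with an integer; it behaves as `if (extra_cmd)`, which is presumably what is meant, so write that or `if (extra_cmd_len > 0)`. Finally, nothing here checks that what follows `-f` is an address, which is what the report asked for: only a dash after whitespace is caught, so `-faddr extra` and a bare `-f` pass silently.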
------------------------------------------------------------------------
[2002-09-09 06:48:55] [EMAIL PROTECTED]
In 4.2.3 the ASCII control char injection in the 5th parameter to
sendmail got fixed, which means it got disabled if a user is using
safe mode.
Of course this is an important thing to do, but we use the -f parameter
of sendmail, so disabling it completely is not an option.
mail($emailto, $titel, $text, "From: $emailfrom\nReply-To: $emailfrom\nContent-Type: text/plain; charset=iso-8859-1\nContent-Transfer-Encoding: 8bit", "-f$emailfrom");
So my question is if you could enable just -f mailaddress, and verify if
it is a mail address and reject all other things.
Martin
Martin Blapp, <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
------------------------------------------------------------------
ImproWare AG, UNIXSP & ISP, Zurlindenstrasse 29, 4133 Pratteln, CH
Phone: +41 061 826 93 00: +41 61 826 93 01
PGP: <finger -l [EMAIL PROTECTED]>
PGP Fingerprint: B434 53FC C87C FE7B 0A18 B84C 8686 EF22 D300 551E
------------------------------------------------------------------
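The check asked for above (allow only -f followed by an address, reject everything else), written as a standalone C validator. This is an added example, not the patch from this report and not PHP's ext/standard/mail.c; the function names, the `out` buffer contract and the plausible_address() rule are assumptions made here. Compared with the patch, it rejects rather than warns about a second whitespace-separated option, trims trailing whitespace on the option string rather than the recipient, and checks that the part after -f looks like an address.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (an assumption of this example, not PHP's rule):
 * a minimal syntactic check for the address after -f. It accepts
 * local@domain built from [A-Za-z0-9.+_-], requires exactly one '@' with
 * text on both sides and a dot in the domain. It is not a full RFC parser. */
static int plausible_address(const char *s, size_t len)
{
    size_t i, at = 0, at_count = 0;
    if (len < 3)
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c == '@') {
            at = i;
            at_count++;
        } else if (!isalnum(c) && c != '.' && c != '-' && c != '_' && c != '+') {
            return 0;
        }
    }
    if (at_count != 1 || at == 0 || at == len - 1)
        return 0;
    return memchr(s + at + 1, '.', len - at - 1) != NULL;
}

/* Returns 1 if extra_cmd may be used as the fifth mail() argument under
 * safe mode, 0 otherwise. On success the address (without "-f") is copied
 * into out, NUL-terminated, so the caller can rebuild "-f<address>" itself
 * and pass it through php_escape_shell_arg as mail.c already does. */
int safe_mode_extra_cmd_ok(const char *extra_cmd, char *out, size_t out_size)
{
    size_t len, i;

    if (extra_cmd == NULL)
        return 0;
    len = strlen(extra_cmd);

    /* Trim trailing whitespace, as the patch intends: only the length
     * shrinks; the option string and the recipient are never written to. */
    while (len > 0 && isspace((unsigned char)extra_cmd[len - 1]))
        len--;

    /* Only "-f" followed by at least one character is acceptable. */
    if (len < 3 || extra_cmd[0] != '-' || extra_cmd[1] != 'f')
        return 0;

    /* Reject control characters and any interior whitespace: a space or
     * newline is what would separate a second option or address. Reject,
     * do not merely warn. */
    for (i = 2; i < len; i++) {
        unsigned char c = (unsigned char)extra_cmd[i];
        if (iscntrl(c) || isspace(c))
            return 0;
    }

    if (!plausible_address(extra_cmd + 2, len - 2))
        return 0;
    if (len - 2 + 1 > out_size)
        return 0;
    memcpy(out, extra_cmd + 2, len - 2);
    out[len - 2] = '\0';
    return 1;
}

/* Verdict-only wrapper. */
int safe_mode_extra_cmd_verdict(const char *extra_cmd)
{
    char addr[256];
    return safe_mode_extra_cmd_ok(extra_cmd, addr, sizeof addr);
}

/* Returns 1 if extra_cmd is accepted and its address equals expected. */
int safe_mode_extra_cmd_address_is(const char *extra_cmd, const char *expected)
{
    char addr[256];
    if (!safe_mode_extra_cmd_ok(extra_cmd, addr, sizeof addr))
        return 0;
    return strcmp(addr, expected) == 0;
}

int main(void)
{
    /* Constructed sample inputs, modelled on the report's "-f$emailfrom". */
    const char *samples[] = {
        "-fuser@example.com",
        "-fuser@example.com   ",
        "-fuser@example.com -oi",
        "-oi",
        "-f",
        "-fuser@example.com;x",
    };
    size_t n;
    for (n = 0; n < sizeof samples / sizeof samples[0]; n++)
        printf("%-28s -> %s\n", samples[n],
               safe_mode_extra_cmd_verdict(samples[n]) ? "accept" : "reject");
    return 0;
}
```

In mail.c the accepted address would then be re-joined as "-f<address>" and still passed through php_escape_shell_arg before the sendmail command line is built, as the existing code after the patch does; the validator only decides whether the string is allowed at all.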
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=19307&edit=1