|
version 1.1.1.1, 2012/02/21 23:48:02
|
version 1.1.1.2, 2012/05/29 12:34:43
|
|
Line 42
|
Line 42
|
| #include "php_mail.h" |
#include "php_mail.h" |
| #include "php_ini.h" |
#include "php_ini.h" |
| #include "php_string.h" |
#include "php_string.h" |
| #include "safe_mode.h" |
|
| #include "exec.h" |
#include "exec.h" |
| |
|
| #ifdef PHP_WIN32 |
#ifdef PHP_WIN32 |
|
Line 70
|
Line 69
|
| *p = ' '; \ |
*p = ' '; \ |
| } \ |
} \ |
| |
|
| extern long php_getuid(void); | extern long php_getuid(TSRMLS_D); |
| |
|
| /* {{{ proto int ezmlm_hash(string addr) |
/* {{{ proto int ezmlm_hash(string addr) |
| Calculate EZMLM list hash value. */ |
Calculate EZMLM list hash value. */ |
|
Line 106 PHP_FUNCTION(mail)
|
Line 105 PHP_FUNCTION(mail)
|
| char *to_r, *subject_r; |
char *to_r, *subject_r; |
| char *p, *e; |
char *p, *e; |
| |
|
| if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) { | if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ss", &to, &to_len, &subject, &subject_len, &message, &message_len, &headers, &headers_len, &extra_cmd, &extra_cmd_len) == FAILURE) { |
| php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The fifth parameter is disabled in SAFE MODE"); | |
| RETURN_FALSE; | |
| } | |
| |
| if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "sss|ss", &to, &to_len, &subject, &subject_len, &message, &message_len, | |
| &headers, &headers_len, &extra_cmd, &extra_cmd_len) == FAILURE | |
| ) { | |
| return; |
return; |
| } |
} |
| |
|
|
Line 240 PHPAPI int php_mail(char *to, char *subject, char *mes
|
Line 232 PHPAPI int php_mail(char *to, char *subject, char *mes
|
| efree(tmp); |
efree(tmp); |
| } |
} |
| if (PG(mail_x_header)) { |
if (PG(mail_x_header)) { |
| char *tmp = zend_get_executed_filename(TSRMLS_C); | const char *tmp = zend_get_executed_filename(TSRMLS_C); |
| char *f; |
char *f; |
| size_t f_len; |
size_t f_len; |
| |
|
| php_basename(tmp, strlen(tmp), NULL, 0,&f, &f_len TSRMLS_CC); |
php_basename(tmp, strlen(tmp), NULL, 0,&f, &f_len TSRMLS_CC); |
| |
|
| if (headers != NULL) { |
if (headers != NULL) { |
| spprintf(&hdr, 0, "X-PHP-Originating-Script: %ld:%s\n%s", php_getuid(), f, headers); | spprintf(&hdr, 0, "X-PHP-Originating-Script: %ld:%s\n%s", php_getuid(TSRMLS_C), f, headers); |
| } else { |
} else { |
| spprintf(&hdr, 0, "X-PHP-Originating-Script: %ld:%s\n", php_getuid(), f); | spprintf(&hdr, 0, "X-PHP-Originating-Script: %ld:%s\n", php_getuid(TSRMLS_C), f); |
| } |
} |
| efree(f); |
efree(f); |
| } |
} |
| |
|
| |
/* Patched by Giam Teck Choon */ |
| |
/* start add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ |
| |
/* Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string */ |
| |
char *headers2=NULL; |
| |
|
| |
// add a header in the form |
| |
// X-PHP-Script: <server_name><php_self> for [<forwarded_for>,]<remote-addr> |
| |
while(1) { |
| |
zval **server, **remote_addr, **forwarded_for, **php_self, **server_name; |
| |
|
| |
if (zend_hash_find(&EG(symbol_table), "_SERVER", sizeof("_SERVER"), (void **) &server)==FAILURE) |
| |
break; |
| |
if (Z_TYPE_PP(server)!=IS_ARRAY) |
| |
break; |
| |
if (zend_hash_find(Z_ARRVAL_PP(server), "REMOTE_ADDR", sizeof("REMOTE_ADDR"), (void **) &remote_addr) == FAILURE) |
| |
break; |
| |
if (zend_hash_find(Z_ARRVAL_PP(server), "HTTP_X_FORWARDED_FOR", sizeof("HTTP_X_FORWARDED_FOR"), (void **) &forwarded_for) == FAILURE) |
| |
forwarded_for=NULL; |
| |
if (zend_hash_find(Z_ARRVAL_PP(server), "PHP_SELF", sizeof("PHP_SELF"), (void **) &php_self) == FAILURE) |
| |
break; |
| |
if (zend_hash_find(Z_ARRVAL_PP(server), "SERVER_NAME", sizeof("SERVER_NAME"), (void **) &server_name) == FAILURE) |
| |
break; |
| |
headers2 = emalloc(32+Z_STRLEN_PP(server_name)+Z_STRLEN_PP(php_self) |
| |
+(forwarded_for?Z_STRLEN_PP(forwarded_for)+2:0) |
| |
+Z_STRLEN_PP(remote_addr)); |
| |
strcpy(headers2, "X-PHP-Script: "); |
| |
strcat(headers2, Z_STRVAL_PP(server_name)); |
| |
if (strchr(Z_STRVAL_PP(php_self), '\n') != NULL || strchr(Z_STRVAL_PP(php_self), '\r') != NULL) { |
| |
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Newline found in PHP_SELF variable which might cause possible injection '%s'", Z_STRVAL_PP(php_self)); |
| |
} |
| |
else { |
| |
strcat(headers2, Z_STRVAL_PP(php_self)); |
| |
} |
| |
strcat(headers2, " for "); |
| |
if (forwarded_for) { |
| |
strcat(headers2, Z_STRVAL_PP(forwarded_for)); |
| |
strcat(headers2, ", "); |
| |
} |
| |
strcat(headers2, Z_STRVAL_PP(remote_addr)); |
| |
break; |
| |
} |
| |
/* end add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ |
| |
|
| if (!sendmail_path) { |
if (!sendmail_path) { |
| #if (defined PHP_WIN32 || defined NETWARE) |
#if (defined PHP_WIN32 || defined NETWARE) |
| /* handle old style win smtp sending */ |
/* handle old style win smtp sending */ |
|
Line 288 PHPAPI int php_mail(char *to, char *subject, char *mes
|
Line 323 PHPAPI int php_mail(char *to, char *subject, char *mes
|
| #endif |
#endif |
| |
|
| #ifdef PHP_WIN32 |
#ifdef PHP_WIN32 |
| sendmail = popen(sendmail_cmd, "wb"); | sendmail = popen_ex(sendmail_cmd, "wb", NULL, NULL TSRMLS_CC); |
| #else |
#else |
| /* Since popen() doesn't indicate if the internal fork() doesn't work |
/* Since popen() doesn't indicate if the internal fork() doesn't work |
| * (e.g. the shell can't be executed) we explicitely set it to 0 to be |
* (e.g. the shell can't be executed) we explicitely set it to 0 to be |
|
Line 317 PHPAPI int php_mail(char *to, char *subject, char *mes
|
Line 352 PHPAPI int php_mail(char *to, char *subject, char *mes
|
| #endif |
#endif |
| fprintf(sendmail, "To: %s\n", to); |
fprintf(sendmail, "To: %s\n", to); |
| fprintf(sendmail, "Subject: %s\n", subject); |
fprintf(sendmail, "Subject: %s\n", subject); |
| |
/* Patched by Giam Teck Choon */ |
| |
/* start add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ |
| |
/* Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string */ |
| |
if (headers2 != NULL) { |
| |
fprintf(sendmail, "%s\n", headers2); |
| |
efree(headers2); |
| |
} |
| |
/* end add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ |
| if (hdr != NULL) { |
if (hdr != NULL) { |
| fprintf(sendmail, "%s\n", hdr); |
fprintf(sendmail, "%s\n", hdr); |
| } |
} |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to mail.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / php / ext / standard