Diff for /embedaddon/php/ext/standard/mail.c between versions 1.1.1.2 and 1.1.1.4

version 1.1.1.2, 2012/05/29 12:34:43 version 1.1.1.4, 2013/10/14 08:02:34
Line 2 Line 2
    +----------------------------------------------------------------------+     +----------------------------------------------------------------------+
    | PHP Version 5                                                        |     | PHP Version 5                                                        |
    +----------------------------------------------------------------------+     +----------------------------------------------------------------------+
   | Copyright (c) 1997-2012 The PHP Group                                |   | Copyright (c) 1997-2013 The PHP Group                                |
    +----------------------------------------------------------------------+     +----------------------------------------------------------------------+
    | This source file is subject to version 3.01 of the PHP license,      |     | This source file is subject to version 3.01 of the PHP license,      |
    | that is bundled with this package in the file LICENSE, and is        |     | that is bundled with this package in the file LICENSE, and is        |
Line 39 Line 39
 #endif  #endif
 #endif  #endif
   
   #include "php_syslog.h"
 #include "php_mail.h"  #include "php_mail.h"
 #include "php_ini.h"  #include "php_ini.h"
 #include "php_string.h"  #include "php_string.h"
Line 189  PHP_FUNCTION(mail) Line 190  PHP_FUNCTION(mail)
 }  }
 /* }}} */  /* }}} */
   
   
   void php_mail_log_crlf_to_spaces(char *message) {
           /* Find all instances of carriage returns or line feeds and
            * replace them with spaces. Thus, a log line is always one line
            * long
            */
           char *p = message;
           while ((p = strpbrk(p, "\r\n"))) {
                   *p = ' ';
           }
   }
   
   void php_mail_log_to_syslog(char *message) {
           /* Write 'message' to syslog. */
   #ifdef HAVE_SYSLOG_H
           php_syslog(LOG_NOTICE, "%s", message);
   #endif
   }
   
   
   void php_mail_log_to_file(char *filename, char *message, size_t message_size TSRMLS_DC) {
           /* Write 'message' to the given file. */
           uint flags = IGNORE_URL_WIN | REPORT_ERRORS | STREAM_DISABLE_OPEN_BASEDIR;
           php_stream *stream = php_stream_open_wrapper(filename, "a", flags, NULL);
           if (stream) {
                   php_stream_write(stream, message, message_size);
                   php_stream_close(stream);
           }
   }
   
   
 /* {{{ php_mail  /* {{{ php_mail
  */   */
 PHPAPI int php_mail(char *to, char *subject, char *message, char *headers, char *extra_cmd TSRMLS_DC)  PHPAPI int php_mail(char *to, char *subject, char *message, char *headers, char *extra_cmd TSRMLS_DC)
Line 216  PHPAPI int php_mail(char *to, char *subject, char *mes Line 248  PHPAPI int php_mail(char *to, char *subject, char *mes
         if (mail_log && *mail_log) {          if (mail_log && *mail_log) {
                 char *tmp;                  char *tmp;
                 int l = spprintf(&tmp, 0, "mail() on [%s:%d]: To: %s -- Headers: %s\n", zend_get_executed_filename(TSRMLS_C), zend_get_executed_lineno(TSRMLS_C), to, hdr ? hdr : "");                  int l = spprintf(&tmp, 0, "mail() on [%s:%d]: To: %s -- Headers: %s\n", zend_get_executed_filename(TSRMLS_C), zend_get_executed_lineno(TSRMLS_C), to, hdr ? hdr : "");
                 php_stream *stream = php_stream_open_wrapper(mail_log, "a", IGNORE_URL_WIN | REPORT_ERRORS | STREAM_DISABLE_OPEN_BASEDIR, NULL);  
   
                if (hdr) { /* find all \r\n instances and replace them with spaces, so a log line is always one line long */                 if (hdr) {
                        char *p = tmp;                        php_mail_log_crlf_to_spaces(tmp);
                        while ((p = strpbrk(p, "\r\n"))) { 
                                *p = ' '; 
                        } 
                        tmp[l - 1] = '\n'; 
                 }                  }
                if (stream) {
                        php_stream_write(stream, tmp, l);                if (!strcmp(mail_log, "syslog")) {
                        php_stream_close(stream);                        /* Drop the final space when logging to syslog. */
                         tmp[l - 1] = 0;
                         php_mail_log_to_syslog(tmp);
                 }                  }
                   else {
                           /* Convert the final space to a newline when logging to file. */
                           tmp[l - 1] = '\n';
                           php_mail_log_to_file(mail_log, tmp, l TSRMLS_CC);
                   }
   
                 efree(tmp);                  efree(tmp);
         }          }
         if (PG(mail_x_header)) {          if (PG(mail_x_header)) {
Line 246  PHPAPI int php_mail(char *to, char *subject, char *mes Line 281  PHPAPI int php_mail(char *to, char *subject, char *mes
                 efree(f);                  efree(f);
         }          }
   
         /* Patched by Giam Teck Choon */  
         /* start add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */  
         /* Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string */  
         char *headers2=NULL;  
   
         // add a header in the form  
         //      X-PHP-Script: <server_name><php_self> for [<forwarded_for>,]<remote-addr>  
         while(1) {  
                 zval **server, **remote_addr, **forwarded_for, **php_self, **server_name;  
   
                 if (zend_hash_find(&EG(symbol_table), "_SERVER", sizeof("_SERVER"), (void **) &server)==FAILURE)  
                         break;  
                 if (Z_TYPE_PP(server)!=IS_ARRAY)  
                         break;  
                 if (zend_hash_find(Z_ARRVAL_PP(server), "REMOTE_ADDR", sizeof("REMOTE_ADDR"), (void **) &remote_addr) == FAILURE)  
                         break;  
                 if (zend_hash_find(Z_ARRVAL_PP(server), "HTTP_X_FORWARDED_FOR", sizeof("HTTP_X_FORWARDED_FOR"), (void **) &forwarded_for) == FAILURE)  
                         forwarded_for=NULL;  
                 if (zend_hash_find(Z_ARRVAL_PP(server), "PHP_SELF", sizeof("PHP_SELF"), (void **) &php_self) == FAILURE)  
                         break;  
                 if (zend_hash_find(Z_ARRVAL_PP(server), "SERVER_NAME", sizeof("SERVER_NAME"), (void **) &server_name) == FAILURE)  
                         break;  
                 headers2 = emalloc(32+Z_STRLEN_PP(server_name)+Z_STRLEN_PP(php_self)  
                         +(forwarded_for?Z_STRLEN_PP(forwarded_for)+2:0)  
                         +Z_STRLEN_PP(remote_addr));  
                 strcpy(headers2, "X-PHP-Script: ");  
                 strcat(headers2, Z_STRVAL_PP(server_name));  
                 if (strchr(Z_STRVAL_PP(php_self), '\n') != NULL || strchr(Z_STRVAL_PP(php_self), '\r') != NULL) {  
                         php_error_docref(NULL TSRMLS_CC, E_WARNING, "Newline found in PHP_SELF variable which might cause possible injection '%s'", Z_STRVAL_PP(php_self));  
                 }  
                 else {  
                         strcat(headers2, Z_STRVAL_PP(php_self));  
                 }  
                 strcat(headers2, " for ");  
                 if (forwarded_for) {  
                         strcat(headers2, Z_STRVAL_PP(forwarded_for));  
                         strcat(headers2, ", ");  
                 }  
                 strcat(headers2, Z_STRVAL_PP(remote_addr));  
                 break;  
         }  
         /* end add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */  
   
         if (!sendmail_path) {          if (!sendmail_path) {
 #if (defined PHP_WIN32 || defined NETWARE)  #if (defined PHP_WIN32 || defined NETWARE)
                 /* handle old style win smtp sending */                  /* handle old style win smtp sending */
Line 326  PHPAPI int php_mail(char *to, char *subject, char *mes Line 318  PHPAPI int php_mail(char *to, char *subject, char *mes
         sendmail = popen_ex(sendmail_cmd, "wb", NULL, NULL TSRMLS_CC);          sendmail = popen_ex(sendmail_cmd, "wb", NULL, NULL TSRMLS_CC);
 #else  #else
         /* Since popen() doesn't indicate if the internal fork() doesn't work          /* Since popen() doesn't indicate if the internal fork() doesn't work
         * (e.g. the shell can't be executed) we explicitely set it to 0 to be         * (e.g. the shell can't be executed) we explicitly set it to 0 to be
          * sure we don't catch any older errno value. */           * sure we don't catch any older errno value. */
         errno = 0;          errno = 0;
         sendmail = popen(sendmail_cmd, "w");          sendmail = popen(sendmail_cmd, "w");
Line 352  PHPAPI int php_mail(char *to, char *subject, char *mes Line 344  PHPAPI int php_mail(char *to, char *subject, char *mes
 #endif  #endif
                 fprintf(sendmail, "To: %s\n", to);                  fprintf(sendmail, "To: %s\n", to);
                 fprintf(sendmail, "Subject: %s\n", subject);                  fprintf(sendmail, "Subject: %s\n", subject);
                 /* Patched by Giam Teck Choon */  
                 /* start add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */  
                 /* Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string */  
                 if (headers2 != NULL) {  
                         fprintf(sendmail, "%s\n", headers2);  
                         efree(headers2);  
                 }  
                 /* end add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */  
                 if (hdr != NULL) {                  if (hdr != NULL) {
                         fprintf(sendmail, "%s\n", hdr);                          fprintf(sendmail, "%s\n", hdr);
                 }                  }

Removed from v.1.1.1.2  
changed lines
  Added in v.1.1.1.4


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>