--- embedaddon/php/ext/standard/mail.c 2012/05/29 12:34:43 1.1.1.2 +++ embedaddon/php/ext/standard/mail.c 2013/07/22 01:32:05 1.1.1.3 @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2012 The PHP Group | + | Copyright (c) 1997-2013 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: mail.c,v 1.1.1.2 2012/05/29 12:34:43 misho Exp $ */ +/* $Id: mail.c,v 1.1.1.3 2013/07/22 01:32:05 misho Exp $ */ #include #include @@ -39,6 +39,7 @@ #endif #endif +#include "php_syslog.h" #include "php_mail.h" #include "php_ini.h" #include "php_string.h" @@ -189,6 +190,37 @@ PHP_FUNCTION(mail) } /* }}} */ + +void php_mail_log_crlf_to_spaces(char *message) { + /* Find all instances of carriage returns or line feeds and + * replace them with spaces. Thus, a log line is always one line + * long + */ + char *p = message; + while ((p = strpbrk(p, "\r\n"))) { + *p = ' '; + } +} + +void php_mail_log_to_syslog(char *message) { + /* Write 'message' to syslog. */ +#ifdef HAVE_SYSLOG_H + php_syslog(LOG_NOTICE, "%s", message); +#endif +} + + +void php_mail_log_to_file(char *filename, char *message, size_t message_size TSRMLS_DC) { + /* Write 'message' to the given file. */ + uint flags = IGNORE_URL_WIN | REPORT_ERRORS | STREAM_DISABLE_OPEN_BASEDIR; + php_stream *stream = php_stream_open_wrapper(filename, "a", flags, NULL); + if (stream) { + php_stream_write(stream, message, message_size); + php_stream_close(stream); + } +} + + /* {{{ php_mail */ PHPAPI int php_mail(char *to, char *subject, char *message, char *headers, char *extra_cmd TSRMLS_DC) @@ -216,19 +248,22 @@ PHPAPI int php_mail(char *to, char *subject, char *mes if (mail_log && *mail_log) { char *tmp; int l = spprintf(&tmp, 0, "mail() on [%s:%d]: To: %s -- Headers: %s\n", zend_get_executed_filename(TSRMLS_C), zend_get_executed_lineno(TSRMLS_C), to, hdr ? hdr : ""); - php_stream *stream = php_stream_open_wrapper(mail_log, "a", IGNORE_URL_WIN | REPORT_ERRORS | STREAM_DISABLE_OPEN_BASEDIR, NULL); - if (hdr) { /* find all \r\n instances and replace them with spaces, so a log line is always one line long */ - char *p = tmp; - while ((p = strpbrk(p, "\r\n"))) { - *p = ' '; - } - tmp[l - 1] = '\n'; + if (hdr) { + php_mail_log_crlf_to_spaces(tmp); } - if (stream) { - php_stream_write(stream, tmp, l); - php_stream_close(stream); + + if (!strcmp(mail_log, "syslog")) { + /* Drop the final space when logging to syslog. */ + tmp[l - 1] = 0; + php_mail_log_to_syslog(tmp); } + else { + /* Convert the final space to a newline when logging to file. */ + tmp[l - 1] = '\n'; + php_mail_log_to_file(mail_log, tmp, l TSRMLS_CC); + } + efree(tmp); } if (PG(mail_x_header)) { @@ -246,49 +281,6 @@ PHPAPI int php_mail(char *to, char *subject, char *mes efree(f); } - /* Patched by Giam Teck Choon */ - /* start add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ - /* Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string */ - char *headers2=NULL; - - // add a header in the form - // X-PHP-Script: for [,] - while(1) { - zval **server, **remote_addr, **forwarded_for, **php_self, **server_name; - - if (zend_hash_find(&EG(symbol_table), "_SERVER", sizeof("_SERVER"), (void **) &server)==FAILURE) - break; - if (Z_TYPE_PP(server)!=IS_ARRAY) - break; - if (zend_hash_find(Z_ARRVAL_PP(server), "REMOTE_ADDR", sizeof("REMOTE_ADDR"), (void **) &remote_addr) == FAILURE) - break; - if (zend_hash_find(Z_ARRVAL_PP(server), "HTTP_X_FORWARDED_FOR", sizeof("HTTP_X_FORWARDED_FOR"), (void **) &forwarded_for) == FAILURE) - forwarded_for=NULL; - if (zend_hash_find(Z_ARRVAL_PP(server), "PHP_SELF", sizeof("PHP_SELF"), (void **) &php_self) == FAILURE) - break; - if (zend_hash_find(Z_ARRVAL_PP(server), "SERVER_NAME", sizeof("SERVER_NAME"), (void **) &server_name) == FAILURE) - break; - headers2 = emalloc(32+Z_STRLEN_PP(server_name)+Z_STRLEN_PP(php_self) - +(forwarded_for?Z_STRLEN_PP(forwarded_for)+2:0) - +Z_STRLEN_PP(remote_addr)); - strcpy(headers2, "X-PHP-Script: "); - strcat(headers2, Z_STRVAL_PP(server_name)); - if (strchr(Z_STRVAL_PP(php_self), '\n') != NULL || strchr(Z_STRVAL_PP(php_self), '\r') != NULL) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "Newline found in PHP_SELF variable which might cause possible injection '%s'", Z_STRVAL_PP(php_self)); - } - else { - strcat(headers2, Z_STRVAL_PP(php_self)); - } - strcat(headers2, " for "); - if (forwarded_for) { - strcat(headers2, Z_STRVAL_PP(forwarded_for)); - strcat(headers2, ", "); - } - strcat(headers2, Z_STRVAL_PP(remote_addr)); - break; - } - /* end add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ - if (!sendmail_path) { #if (defined PHP_WIN32 || defined NETWARE) /* handle old style win smtp sending */ @@ -352,14 +344,6 @@ PHPAPI int php_mail(char *to, char *subject, char *mes #endif fprintf(sendmail, "To: %s\n", to); fprintf(sendmail, "Subject: %s\n", subject); - /* Patched by Giam Teck Choon */ - /* start add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ - /* Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string */ - if (headers2 != NULL) { - fprintf(sendmail, "%s\n", headers2); - efree(headers2); - } - /* end add additional headers with self tweaking with reference to Steve Bennett's PHP mail() header patch at http://www.lancs.ac.uk/~steveb/php-mail-header-patch/ */ if (hdr != NULL) { fprintf(sendmail, "%s\n", hdr); }