#define SKIP_LONG_HEADER_SEP_MBSTRING(str, pos) \
if (str[pos] == '\r' && str[pos + 1] == '\n' && (str[pos + 2] == ' ' || str[pos + 2] == '\t')) { \
- pos += 3; \
- while (str[pos] == ' ' || str[pos] == '\t') { \
+ pos += 2; \
+ while (str[pos + 1] == ' ' || str[pos + 1] == '\t') { \
pos++; \
} \
continue; \
}
+#define MAIL_ASCIIZ_CHECK_MBSTRING(str, len) \
+ pp = str; \
+ ee = pp + len; \
+ while ((pp = memchr(pp, '\0', (ee - pp)))) { \
+ *pp = ' '; \
+ } \
+
#define APPEND_ONE_CHAR(ch) do { \
if (token.a > 0) { \
smart_str_appendc(&token, ch); \
HashTable ht_headers;
smart_str *s;
extern void mbfl_memory_device_unput(mbfl_memory_device *device);
+ char *pp, *ee;
if (PG(safe_mode) && (ZEND_NUM_ARGS() == 5)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "SAFE MODE Restriction in effect. The fifth parameter is disabled in SAFE MODE.");
return;
}
+ /* ASCIIZ check */
+ MAIL_ASCIIZ_CHECK_MBSTRING(to, to_len);
+ MAIL_ASCIIZ_CHECK_MBSTRING(subject, subject_len);
+ MAIL_ASCIIZ_CHECK_MBSTRING(message, message_len);
+ if (headers) {
+ MAIL_ASCIIZ_CHECK_MBSTRING(headers, headers_len);
+ }
+ if (extra_cmd) {
+ MAIL_ASCIIZ_CHECK_MBSTRING(extra_cmd, extra_cmd_len);
+ }
+
zend_hash_init(&ht_headers, 0, NULL, (dtor_func_t) my_smart_str_dtor, 0);
if (headers != NULL) {
}
#undef SKIP_LONG_HEADER_SEP_MBSTRING
+#undef MAIL_ASCIIZ_CHECK_MBSTRING
#undef APPEND_ONE_CHAR
#undef SEPARATE_SMART_STR
#undef PHP_MBSTR_MAIL_MIME_HEADER1
projects / php / commitdiff