php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80259 Bad handling of RFC 2047 in case of folding white space
Submitted: 2020-10-19 21:38 UTC Modified: 2020-10-19 21:57 UTC
Votes:2
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: om+bugs dot php dot net at miakinen dot net Assigned:
Status: Verified Package: ICONV related
PHP Version: 7.3 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: om+bugs dot php dot net at miakinen dot net
New email:
PHP Version: OS:

 

 [2020-10-19 21:38 UTC] om+bugs dot php dot net at miakinen dot net
Description:
------------
---
From manual page: https://php.net/function.iconv-mime-decode
---

When there is a MIME encoded-word followed by a folding-white-space
(CR+LF+SPACE) followed by a simple word (not MIME encoded-word), the
function iconv_mime_decode doesn't add a space in between.

It works OK without the CR+LF.


My exact PHP version:

PHP 7.2.24-0ubuntu0.18.04.7 (cli) (built: Oct  7 2020 15:24:25) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.24-0ubuntu0.18.04.7, Copyright (c) 1999-2018, by Zend Technologies


Test script:
---------------
<?php
printf("%s\n", iconv_mime_decode("=?UTF-8?Q?two?= words"));
printf("%s\n", iconv_mime_decode("=?UTF-8?Q?two?=\r\n words"));
?>


Expected result:
----------------
two words
two words


Actual result:
--------------
two words
twowords


Patches

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-10-19 21:57 UTC] cmb@php.net
-Status: Open +Status: Verified -Package: *General Issues +Package: ICONV related -PHP Version: 7.2.34 +PHP Version: 7.3
 [2020-10-19 21:57 UTC] cmb@php.net
Confirmed: <https://3v4l.org/RmjD0>.
 [2021-04-14 14:02 UTC] cmb@php.net
The following pull request has been associated:

Patch Name: Fix #80259: Bad handling of RFC 2047 in case of folding white space
On GitHub:  https://github.com/php/php-src/pull/6865
Patch:      https://github.com/php/php-src/pull/6865.patch
 [2022-12-26 08:54 UTC] marlynrasavong at gmail dot com
Have you got solution for this .

(https://www.connectebt.us/)github.com
 [2023-01-18 05:08 UTC] neskemiquel at gmail dot com
White space is only significant in that indentation of continuation lines is used to indicate a rule definition that spans more than one line.

<https://www.mypepsico.org/>github.com
 [2023-05-02 09:39 UTC] austinpatrick711 at gmail dot com
RFC 2047 is a standard that defines how non-ASCII text can be represented in email headers using ASCII characters. One aspect of this standard is the use of encoded words, which are sequences of ASCII characters that represent non-ASCII text.

However, when folding white space is used in the encoded words, some email clients and servers may incorrectly handle the decoding of the text. Folding white space is when a line break is inserted in the middle of a long string of text to make it fit within a certain line length limit.

If an encoded word with folding white space is not correctly handled during decoding, it may result in garbled text or even a security vulnerability if the text is used in a context where it should not be. This can happen because different email clients and servers may interpret folding white space differently.  (https://www.tellhappystar.org/)github.com
 [2023-08-30 05:09 UTC] dj7 at forffives dot casa
it's a good product, i will use it
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Nov 24 07:02:12 2024 UTC