php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #55146 iconv_mime_decode_headers() skips some headers
Submitted: 2011-07-06 08:49 UTC Modified: 2018-08-25 12:35 UTC
Votes:12
Avg. Score:4.7 ± 0.6
Reproduced:8 of 8 (100.0%)
Same Version:7 (87.5%)
Same OS:7 (87.5%)
From: dmitry at spamexperts dot com Assigned: cmb (profile)
Status: Closed Package: ICONV related
PHP Version: Irrelevant OS: Debian Squeeze
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: dmitry at spamexperts dot com
New email:
PHP Version: OS:

 

 [2011-07-06 08:49 UTC] dmitry at spamexperts dot com 
Description:
------------
If ICONV_MIME_DECODE_CONTINUE_ON_ERROR mode is switched on the mime_decode_headers() function parses well-formed headers wrongly. Using of ICONV_MIME_DECODE_STRICT mode solve the problem.

Test script:
---------------
<?php

$headers = <<< HEADERS
X-Header-One: H4sIAAAAAAAAA+NgFlsCAAA=
X-Header-Two: XtLePq6GTMn8G68F0
HEADERS;

echo 'Wrong decoding:<br /><pre>';
var_dump(iconv_mime_decode_headers($headers, ICONV_MIME_DECODE_CONTINUE_ON_ERROR));
echo '</pre>';

echo 'Correct decoding:<br /><pre>';
var_dump(iconv_mime_decode_headers($headers, ICONV_MIME_DECODE_STRICT));
echo '</pre>';


Expected result:
----------------
Expected result is shown in the test script under "Correct decoding".

Actual result:
--------------
One header is missing from the result

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-07-16 01:33 UTC] lonnyk at gmail dot com 
I am trying to test/fix this, but I do not know what encoding you are trying to 
decode this to. Can you please let us know what encoding you are trying to decode 
the headers to?

Thank you!
 [2011-07-16 04:53 UTC] dmitry at spamexperts dot com 
The whole application is using UTF-8 encoding, also if I add 

iconv_set_encoding('internal_encoding', 'UTF-8');
iconv_set_encoding('input_encoding', 'UTF-8');
iconv_set_encoding('output_encoding', 'UTF-8');

at the beginning of the test script the bug is still actual. Hope that helps, if 
not - feel free to ask me for any info you need.

Thanks!
 [2011-07-16 04:56 UTC] dmitry at spamexperts dot com 
If you mean encoding of the X-Header-One header contents 
(H4sIAAAAAAAAA+NgFlsCAAA=) - that's just a random set of chars.
 [2015-05-16 12:47 UTC] cmb@php.net 
I can't reproduce this issue, see <http://3v4l.org/QcCSR>. It
might be related to the iconv library in use.
 [2017-06-14 19:03 UTC] php at spam dot lifeforms dot nl 
We stumbled upon the same bug, I think.

There is definitely something interesting going on when a '=' character is used in a header, but only in ICONV_MIME_DECODE_CONTINUE_ON_ERROR.

E-mails from Trello are parsed incorrectly in this case, for instance.

As a testcase shows, the next header is being appended to the "DKIM-Signature" header containing the '=' characters:

https://3v4l.org/nfLjB
 [2018-08-12 16:42 UTC] cmb@php.net
-Status: Open +Status: Verified
 [2018-08-12 16:42 UTC] cmb@php.net 
Ah, now I've got it!  The result is greatly affected by the line
endings.  With proper CRLF there are two headers, but the first
has a trailing CR.  If the headers are separated by LF only, the
result is as reported.

Furthermore, if the header value consists of a single equal sign
(=), ICONV_MIME_DECODE_STRICT is broken as well.
 [2018-08-12 18:00 UTC] cmb@php.net 
<https://github.com/php/php-src/pull/3437> is supposed to resolve
this issue.
 [2018-08-25 12:35 UTC] cmb@php.net
-Assigned To: +Assigned To: cmb
 [2018-08-25 12:44 UTC] cmb@php.net 
Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=6e1980e1520306cc5ec7109ccb3d7c8a0a672689
Log: Fix #55146: iconv_mime_decode_headers() skips some headers
 [2018-08-25 12:44 UTC] cmb@php.net
-Status: Verified +Status: Closed
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Nov 23 08:01:28 2024 UTC