php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #19685 apache crash on imap_rfc822_parse_headers
Submitted: 2002-10-01 04:36 UTC Modified: 2008-01-19 22:20 UTC
Votes:7
Avg. Score:4.4 ± 0.9
Reproduced:4 of 5 (80.0%)
Same Version:2 (50.0%)
Same OS:2 (50.0%)
From: sundaydriver at hushmail dot com Assigned:
Status: No Feedback Package: IMAP related
PHP Version: 4.2.0 OS: FreeBSD 4.5-RELEASE
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: sundaydriver at hushmail dot com
New email:
PHP Version: OS:

 

 [2002-10-01 04:36 UTC] sundaydriver at hushmail dot com
Code that caused crash:

$msg = imap_fetchheader($imap_stream, $message_id);
$headers =  imap_rfc822_parse_headers($msg);

I believe it is cause by a long recipient list (To field) wrapped many times with a final address that looks like:

user@juno.com (Blah Blah))))

Looks like the extra parentheses (which have no previous matching parentheses) cause the crash.

If the user grants us permission, I'll update this report to include the entire message.

Regards,
Brian Smith
VP, Engineering
Hush Communications Corporation


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-01 05:36 UTC] sniper@php.net
Thank you for taking the time to report a problem with PHP.
Unfortunately you are not using a current version of PHP -- 
the problem might already be fixed. Please download a new
PHP version from http://www.php.net/downloads.php

If you are able to reproduce the bug with one of the latest
versions of PHP, please change the PHP version on this bug report
to the version you tested and change the status back to "Open".
Again, thank you for your continued support of PHP.
 [2002-10-02 22:03 UTC] sundaydriver at hushmail dot com
$msg = imap_fetchheader($imap_stream, $message_id);
$headers =  imap_rfc822_parse_headers($msg);

I believe it is cause by a long recipient list (To field) wrapped many
times with a final address that looks like:

user@juno.com (Blah Blah))))

Looks like the extra parentheses (which have no previous matching
parentheses) cause the crash.

If the user grants us permission, I'll update this report to include the
entire message.

Regards,
Brian Smith
VP, Engineering
Hush Communications Corporation

Got the user's permission.  Here's the message.  Will update this bug after testing on most recent PHP.

Message that caused crash retrieved directly from Cyrus using FETCH (rfc822) - reprinted with user's permission:

Return-Path: <cyrus@imap3.hushmail.com>
X-Sieve: cmu-sieve 2.0
Return-Path: <SLOLEYC@aol.com>
Received: from smtp2.hushmail.com (smtp2.hushmail.com [64.40.111.32])
        by imap3.hushmail.com (Postfix) with ESMTP id 9CE5139416C
        for <light2morocco_40hushmail_2ecom@imap3.hushmail.com>; Thu, 29 Aug 2002 13:13:11 -0700 (PDT)
Received: from imo-m05.mx.aol.com (imo-m05.mx.aol.com [64.12.136.8])
        by smtp2.hushmail.com (Postfix) with ESMTP id 17E0A1A9C2
        for <Light2Morocco@hushmail.com>; Thu, 29 Aug 2002 13:13:09 -0700 (PDT)
Received: from SLOLEYC@aol.com
        by imo-m05.mx.aol.com (mail_out_v34.10.) id 9.113.168afbde (30960);
        Thu, 29 Aug 2002 16:03:44 -0400 (EDT)
From: SLOLEYC@aol.com
Message-ID: <113.168afbde.2a9fd81f@aol.com>
Date: Thu, 29 Aug 2002 16:03:43 EDT
Subject: Address Change
To: ArielGallop@aol.com, Dunesummer@aol.com, ILBAS@aol.com,
        AFCowgirl04@aol.com, mgocio@scirex.com (Michele Gocio),
        gracechurchalvin@hotmail.com (Adam Goren (E-mail),
        txag99@hotmail.com (Adam Goren), Ty514@yahoo.com (Ty Griffin),
        TamJoGross@aol.com, lhaines@saintdunstans.org, Redeemerrat@aol.com,
        GenMusic@aol.com, terryheatherhall@juno.com, Spiritchic04@aol.com,
        KHall95950@aol.com, Thundersoccer1606@yahoo.com (Nicole Hand),
        jmhaney@prodigy.net (John Haney (E-mail), Othatmitzi@aol.com,
        r_hatheway@juno.com (Richard Hatheway),
        Richard_Hatheway@Dell.com (Richard Hatheway work),
        tomstarla@paoline.com, MHangel@aol.com,
        Thenry@houston.rr.com (Ted Henry), homewardbound@sbcglobal.net,
        LilC299@aol.com, TerTer40s@aol.com, mah@austin.rr.com (Mary Ann),
        scott@oax.com, joe@daystarideas.com, stmom2@juno.com (Candace Ibbotson),
        SIMDude32@aol.com, Frjpjameson@aol.com, JPJameson@aol.com,
        Sharp1653@aol.com, KJJensen@austin.rr.com (Jason Jensen),
        ewartj@rocketmail.com (Ewart Jones), AKeith1@aol.com,
        jkeith@us.ibm.com (Joyce Keith), Lefty13Mel@aol.com,
        Shell13Frog@aol.com, kentres@msn.com (Kelly Kent),
        petekingsley@hotmail.com (Peter Kingsley),
        newspk@ev1.net (Peggie Klema), mkorte@austin.rr.com (Karol Korte),
        Light2Morocco@Hushmail.com, sarah_monty@yahoo.com,
        sarahdean@houston.rr.com, 2lawsons@seacove.net (Sandra Lawson),
        kari@orbitworld.net (Kari Lessner (E-mail), karil@stjohns-laporte.org,
        FrJimbo@msn.com (Jim Liberatore), ericliles@yahoo.com (Eric Liles),
        Eric@StMattsAustin.org (Eric Liles),
        JSCLindstrom@prodigy.net (Susan Lindstrom), simplistics@hotmail.com,
        Nicloos@yahoo.com (Nicol Loos), dlugo@austin.rr.com (Debbie Lugo),
        hazel413@austin.rr.com (Jessica Lugo),
        misa113@hotmail.com (Marisa Lugo), ETRIPP4@aol.com,
        KirKir@juno.com (Kirsten Lynch), Rainbow88@juno.com (Mary Lynch))))
Cc: vberry@stlukesonthelake.org (St Lukes EYC)
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="part1_113.168afbde.2a9fd81f_boundary"
X-Mailer: AOL 6.0 for Windows US sub 10572


--part1_113.168afbde.2a9fd81f_boundary
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

Hey Y'all!

St. Luke's has changed to a high speed interent system and we have new
addresses now!! So, effective immediately, please change my work address, as
well as the EYC address, vberry@stlukesonthelake

Thanks so much,

Veta Berry

PS my personal email is still vetasings@yahoo.com

--part1_113.168afbde.2a9fd81f_boundary
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

<HTML><FONT FACE=arial,helvetica><FONT  SIZE=2>Hey Y'all!
<BR>
<BR>St. Luke's has changed to a high speed interent system and we have new addresses now!! So, effective immediately, please change my work address, as well as the EYC address, vberry@stlukesonthelake
<BR>
<BR>Thanks so much,
<BR>
<BR>Veta Berry
<BR>
<BR>PS my personal email is still vetasings@yahoo.com</FONT></HTML>

--part1_113.168afbde.2a9fd81f_boundary--
 [2002-10-20 23:28 UTC] sniper@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip


 [2002-11-10 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over 2 weeks, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Mon Aug 10 18:01:25 2020 UTC