|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #25037 SendText infinite loop
Submitted: 2003-08-11 05:25 UTC Modified: 2003-08-11 11:38 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: richard at bradders2000 dot co dot uk Assigned: iliaa (profile)
Status: Closed Package: Mail related
PHP Version: 4.3.3RC3 OS: Windows Server 2003
Private report: No CVE-ID: None
 [2003-08-11 05:25 UTC] richard at bradders2000 dot co dot uk
When a message is > 1024 bytes in size and therefore broken down into 1024 chunks, there is a 'goto send_chunk;' being called an infinite number of times because the conditional statement 'if ((parts * 1024) < data_cln_len)' is always true if it is ever true. This basically causes the function to just keep on sending data to the smtp server.
Problem wasnt there in RC1, just RC2 and RC3.

Reproduce code:
		int parts = (int) floor(data_cln_len / 1024);
		p = data_cln;

		for (i = 0; i < parts; i++) {
			strlcpy(Buffer, p, 1024);
			Buffer[1024] = '\0';
			p += 1024;
			/* send chunk */
			if ((res = Post(Buffer)) != SUCCESS) {
				return (res);

		if ((parts * 1024) < data_cln_len) {
			i = data_cln_len - (parts * 1024);
			strlcpy(Buffer, p, i);
			Buffer[i] = '\0';
			goto send_chunk;

Expected result:
Data is sent in 1024 byte chunks. The remainder is then sent. Send is then terminated with '\r\n.\r\n'

Actual result:
Data is sent in 1024 byte chunks. The remainder is then sent...again and again and again and again. etc etc.
Send is never terminated.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-08-11 06:01 UTC] richard at bradders2000 dot co dot uk
Sorry, I had it as a 'SentText' issue... slight typo, should have been 'SendText'.
 [2003-08-11 11:38 UTC]
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at
In case this was a documentation problem, the fix will show up soon at

In case this was a website problem, the change will show
up on the site and on the mirror sites in short time.
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Tue Sep 26 23:01:24 2023 UTC