php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #25037 SendText infinite loop
Submitted: 2003-08-11 05:25 UTC Modified: 2003-08-11 11:38 UTC
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: richard at bradders2000 dot co dot uk Assigned: iliaa (profile)
Status: Closed Package: Mail related
PHP Version: 4.3.3RC3 OS: Windows Server 2003
Private report: No CVE-ID: None
View Developer Edit
 [2003-08-11 05:25 UTC] richard at bradders2000 dot co dot uk 
Description:
------------
When a message is > 1024 bytes in size and therefore broken down into 1024 chunks, there is a 'goto send_chunk;' being called an infinite number of times because the conditional statement 'if ((parts * 1024) < data_cln_len)' is always true if it is ever true. This basically causes the function to just keep on sending data to the smtp server.
Problem wasnt there in RC1, just RC2 and RC3.

Reproduce code:
---------------
		int parts = (int) floor(data_cln_len / 1024);
		p = data_cln;

		for (i = 0; i < parts; i++) {
			strlcpy(Buffer, p, 1024);
			Buffer[1024] = '\0';
			p += 1024;
send_chunk:
			/* send chunk */
			if ((res = Post(Buffer)) != SUCCESS) {
				efree(data_cln);
				return (res);
			}
		}

		if ((parts * 1024) < data_cln_len) {
			i = data_cln_len - (parts * 1024);
			strlcpy(Buffer, p, i);
			Buffer[i] = '\0';
			goto send_chunk;
		}


Expected result:
----------------
Data is sent in 1024 byte chunks. The remainder is then sent. Send is then terminated with '\r\n.\r\n'

Actual result:
--------------
Data is sent in 1024 byte chunks. The remainder is then sent...again and again and again and again. etc etc.
Send is never terminated.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-08-11 06:01 UTC] richard at bradders2000 dot co dot uk 
Sorry, I had it as a 'SentText' issue... slight typo, should have been 'SendText'.
 [2003-08-11 11:38 UTC] iliaa@php.net 
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Mar 31 16:01:29 2025 UTC