PHP :: Bug #26008 :: mail() crashes apache with some parameters

Bug #26008

mail() crashes apache with some parameters

Submitted:

2003-10-27 14:26 UTC

Modified:

2003-10-27 21:56 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

rich at tallman dot org

Assigned:

Status:

Closed

Package:

Mail related

PHP Version:

4.3.3

OS:

Windows XP

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	rich at tallman dot org
New email:
PHP Version:		OS:

New/Additional Comment:

[2003-10-27 14:26 UTC] rich at tallman dot org

Description:
------------
Any script passing invalid headers will result in a crash of the apache web server when using the apache module version of php 4.3.3 (from the binary zip download)

This particular type of invalid header is commonly used to circumvent other unpredictable strange behaviors with the mail command.

Reproduce code:
---------------
mail("rich@tallman.org","test message","","From: rich@tallman.org\n\nThis is a test message.");

Expected result:
----------------
Apache will crash (usually creating a windows XP error window)

Actual result:
--------------
szAppName : Apache.exe     szAppVer : 2.0.47.0     szModName : php4ts.dll     
szModVer : 4.3.3.3     offset : 0009defe

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-10-27 14:29 UTC] rich at tallman dot org

More likely cause! -- Emty message parameter may be the cause of the crash.. the following code does *not* crash apache:

mail("rich@tallman.org","test message"," ","From:
rich@tallman.org\n\nThis is a test message.");


Please note the space in the message field.

[2003-10-27 17:33 UTC] iliaa@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php4-STABLE-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-STABLE-latest.zip

[2003-10-27 21:56 UTC] rich at tallman dot org

I *KISS* YOU! All my base are belong to you.

Fixed.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 26 15:01:56 2024 UTC