php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #72964 White space not unfolded for CC/Bcc headers
Submitted: 2016-08-29 12:40 UTC Modified: 2021-02-03 15:17 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: hynek dot petrak at gmail dot com Assigned: cmb (profile)
Status: Closed Package: Mail related
PHP Version: 5.6.25 OS: Windows
Private report: No CVE-ID: None
 [2016-08-29 12:40 UTC] hynek dot petrak at gmail dot com
Description:
------------
According to RFC2822 / 2.2.3. Long Header Fields, each header field can use White space folding. E.g.:

To: xy@example.com\r\n
CC: ab@example.com,\r\n
 cd@example.com\r\n
Subject: subject text

In the win32/sendmail.c SendText() function, the cc: and bcc: headers are considered only up to the next \r\n, ignoring any additional folded lines. This occures on Windows when "sendmail_path" is not defined in php.ini.

Problematic code:
                pos1 = headers + (pos1 - headers_lc) + 3;
                if (NULL == (pos2 = strstr(pos1, "\r\n"))) {
                        tempMailTo = estrndup(pos1, strlen(pos1));
                } else {
                        tempMailTo = estrndup(pos1, pos2 - pos1);
                }
IMHO any folding sequence "\r\n\t" or "\r\n " shall be replaced with "\t" or " " in header_lc before scanning. Other solutions might be convenient too.



Test script:
---------------
<?php
$to      = 'nobody@example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster@example.com' . "\r\n" .
    'Cc: cc1@example.com' . "\r\n" . ', ' .
    '\tcc2@example.com' . "\r\n" .
    'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);
?>

Expected result:
----------------
cc2@example.com shall receive an email.

Actual result:
--------------
cc2@example.com does not receive an email. in the SMTP protocol RCPT TO: cc2@example.com is missing.

Patches

Add a Patch

Pull Requests

Pull requests:

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2020-10-27 16:16 UTC] cmb@php.net
-Status: Open +Status: Verified -Assigned To: +Assigned To: cmb
 [2020-11-10 15:31 UTC] cmb@php.net
The following pull request has been associated:

Patch Name: Fix #72964: White space not unfolded for CC/Bcc headers
On GitHub:  https://github.com/php/php-src/pull/6420
Patch:      https://github.com/php/php-src/pull/6420.patch
 [2020-11-19 18:27 UTC] cmb@php.net
Automatic comment on behalf of cmbecker69@gmx.de
Revision: http://git.php.net/?p=php-src.git;a=commit;h=881e43a03c774bf8d31b5fe751bd493447174ad0
Log: Fix #72964: White space not unfolded for CC/Bcc headers
 [2020-11-19 18:27 UTC] cmb@php.net
-Status: Verified +Status: Closed
 [2021-02-03 15:13 UTC] josh at dirxion dot com
With the release of PHP 7.4.14 we are experiencing an issue with our web email forms being processed. It seems to mangle the HTML formatting when there is only one email address. I have verified the problem does not exists in version 7.4.13 and that if I provide multiple addresses the mangled HTML email content problem goes away. 

This is an example of what we have going on and generates the broken HTML formatting. 

'Bcc: '. $VariableEmailGroup . "\r\n" .

If we add on a 2nd email address to the same syntax, the HTML formatting of the email is preserved properly. The problem is we don't want to list out multiple email addresses. 

'Bcc: ' . $VariableEmailGroup . ", \r\n\tuseremail@thisworksok.com\r\n" .

If you need further details I can nudge our developers, but they suspect this bug patch broke our email formatting.
 [2021-02-03 15:17 UTC] cmb@php.net
Thanks for reporting!

Could you please provide the value of $VariableEmailGroup, and/or
the headers of such a broken email?  Also, please file a new
ticket, and refer to this one there.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Feb 25 03:01:24 2021 UTC