php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #74510 win32/sendmail.c anchors CC header but not BCC
Submitted: 2017-04-28 16:38 UTC Modified: -
From: requinix@php.net Assigned:
Status: Closed Package: Mail related
PHP Version: 7.1.4 OS: Windows
Private report: No CVE-ID:
 [2017-04-28 16:38 UTC] requinix@php.net
Description:
------------
In win32/sendmail.c:SendText the code that examines headers looks for CC and BCC for special treatment. CC is anchored to the beginning of a line but BCC is not.

If there is an X-*bcc header then it will be recognized as a BCC line and
1. PHP will attempt to RCPT TO the header's value
2. The "X-*" will be merged with the next line (if any) when the header is stripped away.

Fix is to tack on a copy of CC's
  && ((pos1 == headers_lc) || (*(pos1-1) == '\n'))
to that one pos1 condition.

Test script:
---------------
$headers = implode("\r\n", [
  "Cc: test+cc@example.com",
  "X-Test-Cc: line 2",
  "X-Test-Aabbcc: line 3",
  "X-Line-4: line 4"
]);
mail("test@example.com", "Subject", "Body", $headers);

Expected result:
----------------
Recipients: test@example.com, test+cc@example.com

Cc: test+cc@example.com
X-Test-Cc: line 2
X-Test-Aabbcc: line 3
X-Line-4: line 4

Actual result:
--------------
Recipients: test@example.com, test+cc@example.com, line 3

Cc: test+cc@example.com
X-Test-Cc: line 2
X-Test-AabX-Line-4: line 4

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-05-02 10:33 UTC] ab@php.net
Automatic comment on behalf of ab
Revision: http://git.php.net/?p=php-src.git;a=commit;h=20a608d9dae4c758bf608e10fd2cdb9cc1559625
Log: Fixed bug #74510 win32/sendmail.c anchors CC header but not BCC
 [2017-05-02 10:33 UTC] ab@php.net
-Status: Open +Status: Closed
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Mon Jun 26 20:01:38 2017 UTC