retitle 325215 Multiple attachments sometimes breaks due to chunk_split changed behaviour tags 325215 patch thanks
On Sat, 2005-08-27 at 10:05 +0200, Thijs Kinkhorst wrote: > On Fri, 2005-08-26 at 18:16 -0300, Ezequiel Larrarte wrote: > > Package: squirrelmail > > Version: 2:1.4.4-6sarge1 > > Severity: grave > > Justification: renders package unusable > > Please, this is not a grave bug. That in some cases some attachments > don't work doesn't render the package "unusable". Ezequiel Larrarte wrote to me in private mail: > based on debian reportbug: > grave > makes the package in question unusable by most or all > users, > or "causes data loss", or introduces a security hole allowing > access to the accounts of users who use the package. > > My attachment blows off == data loss! so .. It 's grave for me!!! Please followup to the bug itself aswell, so all information is properly recorded. I'll check with my co-maintainer and possibly with the release manager to see whether they think this issue should be fixed in stable. In any case, we can't upload the new squirrelmail version to stable, we would have to upload a new package containing just this fix. The updating policy for stable is very strict (and that makes stable as stable as it is) so it's unsure whether it will be accepted. I've attached the patch that is used upstream for three months, and in Debian testing/unstable without problems. The issue is that PHP changed the behaviour of chunk_split in version 4.3.11, and appearently Debian backported this also to their PHP 4.3.10 version (strange...). I'll get back to you once I know whether this will be uploaded to stable or not. regards, Thijs
diff -u -w -r1.18.2.21 -r1.18.2.22 --- Deliver.class.php 22 May 2005 08:30:30 -0000 1.18.2.21 +++ Deliver.class.php 3 Jun 2005 19:51:11 -0000 1.18.2.22 @@ -179,6 +179,11 @@ $encoded = ''; while ($tmp = fread($file, 570)) { $body_part = chunk_split(base64_encode($tmp)); + // Up to 4.3.10 chunk_split always appends a newline, + // while in 4.3.11 it doesn't if the string to split + // is shorter than the chunk length. + if( substr($body_part, -1 , 1 ) != "\n" ) + $body_part .= "\n"; $length += $this->clean_crlf($body_part); if ($stream) { $this->writeToStream($stream, $body_part);
signature.asc
Description: This is a digitally signed message part