iliaa Tue Aug 30 18:02:45 2005 EDT Added files: /php-src/ext/imap/tests bug32589.phpt
Modified files: /php-src/ext/imap php_imap.c Log: Fixed bug #32589 (possible crash inside imap_mail_compose() function). http://cvs.php.net/diff.php/php-src/ext/imap/php_imap.c?r1=1.208&r2=1.209&ty=u Index: php-src/ext/imap/php_imap.c diff -u php-src/ext/imap/php_imap.c:1.208 php-src/ext/imap/php_imap.c:1.209 --- php-src/ext/imap/php_imap.c:1.208 Sun Aug 7 18:06:27 2005 +++ php-src/ext/imap/php_imap.c Tue Aug 30 18:02:43 2005 @@ -26,7 +26,7 @@ | PHP 4.0 updates: Zeev Suraski <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: php_imap.c,v 1.208 2005/08/07 22:06:27 sniper Exp $ */ +/* $Id: php_imap.c,v 1.209 2005/08/30 22:02:43 iliaa Exp $ */ #define IMAP41 @@ -2908,6 +2908,7 @@ custom_headers_param = mail_newbody_parameter(); convert_to_string_ex(env_data); custom_headers_param->value = (char *) fs_get(Z_STRLEN_PP(env_data) + 1); + custom_headers_param->attribute = NULL; memcpy(custom_headers_param->value, Z_STRVAL_PP(env_data), Z_STRLEN_PP(env_data) + 1); zend_hash_move_forward(Z_ARRVAL_PP(pvalue)); custom_headers_param->next = tmp_param; @@ -2939,7 +2940,7 @@ convert_to_string_ex(pvalue); tmp_param = mail_newbody_parameter(); tmp_param->value = cpystr(Z_STRVAL_PP(pvalue)); - tmp_param->attribute = "CHARSET"; + tmp_param->attribute = cpystr("CHARSET"); tmp_param->next = bod->parameter; bod->parameter = tmp_param; } @@ -2949,7 +2950,7 @@ while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { disp_param = mail_newbody_parameter(); zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); - disp_param->attribute = key; + disp_param->attribute = cpystr(key); convert_to_string_ex(disp_data); disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); @@ -2983,7 +2984,7 @@ while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { disp_param = mail_newbody_parameter(); zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); - disp_param->attribute = key; + disp_param->attribute = cpystr(key); convert_to_string_ex(disp_data); disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); @@ -3047,7 +3048,7 @@ tmp_param = mail_newbody_parameter(); tmp_param->value = (char *) fs_get(Z_STRLEN_PP(pvalue) + 1); memcpy(tmp_param->value, Z_STRVAL_PP(pvalue), Z_STRLEN_PP(pvalue) + 1); - tmp_param->attribute = "CHARSET"; + tmp_param->attribute = cpystr("CHARSET"); tmp_param->next = bod->parameter; bod->parameter = tmp_param; } @@ -3057,7 +3058,7 @@ while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { disp_param = mail_newbody_parameter(); zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); - disp_param->attribute = key; + disp_param->attribute = cpystr(key); convert_to_string_ex(disp_data); disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); @@ -3091,7 +3092,7 @@ while (zend_hash_get_current_data(Z_ARRVAL_PP(pvalue), (void **) &disp_data) == SUCCESS) { disp_param = mail_newbody_parameter(); zend_hash_get_current_key(Z_ARRVAL_PP(pvalue), &key, &ind, 0); - disp_param->attribute = key; + disp_param->attribute = cpystr(key); convert_to_string_ex(disp_data); disp_param->value = (char *) fs_get(Z_STRLEN_PP(disp_data) + 1); memcpy(disp_param->value, Z_STRVAL_PP(disp_data), Z_STRLEN_PP(disp_data) + 1); http://cvs.php.net/co.php/php-src/ext/imap/tests/bug32589.phpt?r=1.1&p=1 Index: php-src/ext/imap/tests/bug32589.phpt +++ php-src/ext/imap/tests/bug32589.phpt --TEST-- Bug #32589 (crash inside imap_mail_compose() function) --SKIPIF-- <?php if (!extension_loaded("imap")) { die("skip imap extension not available"); } ?> --FILE-- <?php $m_envelope["To"] = "[EMAIL PROTECTED]"; $m_part1["type"] = TYPEMULTIPART; $m_part1["subtype"] = "mixed"; $m_part2["type"] = TYPETEXT; $m_part2["subtype"] = "plain"; $m_part2["description"] = "text_message"; $m_part2["charset"] = "ISO-8859-2"; $m_part2["contents.data"] = "hello"; $m_body[1] = $m_part1; $m_body[2] = $m_part2; echo imap_mail_compose($m_envelope, $m_body); ?> --EXPECTF-- MIME-Version: 1.0 Content-Type: MULTIPART/mixed; BOUNDARY="%s" %s Content-Type: TEXT/plain; CHARSET=ISO-8859-2 Content-Description: text_message hello %s -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php