[PHP-CVS] cvs: php-src(PHP_5_3) / NEWS /ext/imap php_imap.c

[Ilia Alshanetsky]

iliaa           Wed Dec  3 01:04:13 2008 UTC

  Modified files:              (Branch: PHP_5_3)
    /php-src/ext/imap   php_imap.c 
    /php-src    NEWS 
  Log:
  
  Fixed bug #46731 (Missing validation for the options parameter of the     
  imap_fetch_overview() function).
  
  
http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.7.2.26.2.23&r2=1.208.2.7.2.26.2.24&diff_format=u
Index: php-src/ext/imap/php_imap.c
diff -u php-src/ext/imap/php_imap.c:1.208.2.7.2.26.2.23 
php-src/ext/imap/php_imap.c:1.208.2.7.2.26.2.24
--- php-src/ext/imap/php_imap.c:1.208.2.7.2.26.2.23     Mon Nov 17 11:27:55 2008
+++ php-src/ext/imap/php_imap.c Wed Dec  3 01:04:13 2008
@@ -26,7 +26,7 @@
    | PHP 4.0 updates:  Zeev Suraski <[EMAIL PROTECTED]>                       |
    +----------------------------------------------------------------------+
  */
-/* $Id: php_imap.c,v 1.208.2.7.2.26.2.23 2008/11/17 11:27:55 felipe Exp $ */
+/* $Id: php_imap.c,v 1.208.2.7.2.26.2.24 2008/12/03 01:04:13 iliaa Exp $ */
 
 #define IMAP41
 
@@ -3174,11 +3174,16 @@
                return;
        }
 
+       if (flags && !(flags & FT_UID)) {
+               php_error_docref(NULL TSRMLS_CC, E_WARNING, "invalid value for 
the options parameter");
+               RETURN_FALSE;
+       }
+
        ZEND_FETCH_RESOURCE(imap_le_struct, pils *, &streamind, -1, "imap", 
le_imap);
 
        array_init(return_value);
-       
-       status = (flags & FT_UID) 
+
+       status = (flags & FT_UID)
                ? mail_uid_sequence(imap_le_struct->imap_stream, sequence)
                : mail_sequence(imap_le_struct->imap_stream, sequence);
        
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.965.2.398&r2=1.2027.2.547.2.965.2.399&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.965.2.398 
php-src/NEWS:1.2027.2.547.2.965.2.399
--- php-src/NEWS:1.2027.2.547.2.965.2.398       Tue Dec  2 16:28:24 2008
+++ php-src/NEWS        Wed Dec  3 01:04:13 2008
@@ -42,6 +42,8 @@
 - Fixed check in recode extension to allow builing of recode and mysql
   extensions when using a recent libmysql. (Johannes)
 
+- Fixed bug #46731 (Missing validation for the options parameter of the
+  imap_fetch_overview() function). (Ilia)
 - Fixed bug #46711 (cURL curl_setopt leaks memory in foreach loops).
   (magicaltux [at] php [dot] net)
 - Fixed bug #46578 (strip_tags() does not honor end-of-comment when it 



-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php