parser_test.php

Alexandru Stanoi Wed, 02 Jan 2008 04:12:42 -0800

Author: as
Date: Wed Jan  2 13:12:36 2008
New Revision: 7051

Log:
- Fixed issue #12318: Unsafe characters are replaces by underscores in
  attachment file names during mail parsing.


Added:
    trunk/Mail/tests/parser/data/various/attachment_with_slash.mail
Modified:
    trunk/Mail/ChangeLog
    trunk/Mail/src/parser/parts/file_parser.php
    trunk/Mail/tests/parser/parser_test.php

Modified: trunk/Mail/ChangeLog
==============================================================================
--- trunk/Mail/ChangeLog [iso-8859-1] (original)
+++ trunk/Mail/ChangeLog [iso-8859-1] Wed Jan  2 13:12:36 2008
@@ -1,3 +1,10 @@
+1.5alpha1 - [RELEASEDATE]
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+- Fixed issue #12318: Unsafe characters are replaces by underscores in
+  attachment file names during mail parsing.
+
+
 1.4 - Monday 17 December 2007
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 

Modified: trunk/Mail/src/parser/parts/file_parser.php
==============================================================================
--- trunk/Mail/src/parser/parts/file_parser.php [iso-8859-1] (original)
+++ trunk/Mail/src/parser/parts/file_parser.php [iso-8859-1] Wed Jan  2 
13:12:36 2008
@@ -103,6 +103,9 @@
             $fileName = "filename";
         }
 
+        // clean file name (replace unsafe characters with underscores)
+        $fileName = strtr( $fileName, "/\\\0\"|?*<:;>+[]", '______________' );
+
         $this->fp = $this->openFile( $fileName ); // propagate exception
     }
 

Added: trunk/Mail/tests/parser/data/various/attachment_with_slash.mail
==============================================================================
--- trunk/Mail/tests/parser/data/various/attachment_with_slash.mail (added)
+++ trunk/Mail/tests/parser/data/various/attachment_with_slash.mail 
[iso-8859-1] Wed Jan  2 13:12:36 2008
@@ -1,0 +1,55 @@
+Return-Path: <[EMAIL PROTECTED]>
+X-Original-To: [EMAIL PROTECTED]
+Delivered-To: [EMAIL PROTECTED]
+Received: from smtp.ez.no (blackboy.ez.no [194.248.150.22])
+       by mta1.ez.no (Postfix) with ESMTP id 99508362508
+       for <[EMAIL PROTECTED]>; Fri, 23 Nov 2007 13:29:23 +0100 (CET)
+Received: from [10.0.2.184] (popeye.ez.no [85.19.74.66])
+       by smtp.ez.no (Postfix) with ESMTP id D611AAB54C
+       for <[EMAIL PROTECTED]>; Fri, 23 Nov 2007 13:26:40 +0100 (CET)
+Message-ID: <[EMAIL PROTECTED]>
+Date: Fri, 23 Nov 2007 13:30:14 +0100
+From: Alexandru Stanoi <[EMAIL PROTECTED]>
+User-Agent: Thunderbird 1.5.0.12 (X11/20070604)
+MIME-Version: 1.0
+To: Alexandru Stanoi <[EMAIL PROTECTED]>
+Subject: TEST: HTML attachment
+Content-Type: multipart/mixed;
+ boundary="1234567890"
+
+
+--1234567890
+Content-Type: text/html; charset=iso-8859-1
+Content-Transfer-Encoding: 7bit
+
+<html>
+<body marginwidth="0" marginheight="0" leftmargin="0" topmargin="0"  
+bgcolor="#FFFFFF">
+<table border="0" width="640" cellspacing="0" cellpadding="0"><tr><td>
+<img src="cid:cam_data/photo067" alt="cam_data/photo067.jpg"><br><br>
+</td></tr></table>
+</body></html>
+
+--1234567890
+Content-Type: image/jpeg; name="cam_data/photo067.jpg"
+Content-Transfer-Encoding: base64
+Content-ID: <cam_data/photo067>
+Content-Disposition: attachment; filename="cam_data/photo067.jpg"
+
+/9j/4AAQSkZJRgABAgEAkACQAAD/ 
+2wCEAAwICQoJBwwKCQoNDAwOER0TERAQESQZGxUdKiUsLCkl
+KSgvNEM5LzE/ 
+MigpOk87P0VHS0xLLThSWFFJV0NJS0gBDA0NEQ8RIhMTIkgwKTBISEhISEhISEhI
+SEhISEhISEhISEhISEhISEhISEhISEhISEhISEhISEhISEhISEhISP/ 
+AABEIAPABQAMBIQACEQED
+EQH/3QAEABT/ 
+xAGiAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgsQAAIBAwMCBAMFBQQEAAAB
+fQECAwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5
+OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeo
+qaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/ 
+j5+gEAAwEBAQEB
+AQEBAQAAAAAAAAECAwQFBgcICQoLEQACAQIEBAMEBwUEBAABAncAAQIDEQQFITEGEkFRB2FxEyIy
+gQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNk
+ZWZnaG 
+
+--1234567890--

Modified: trunk/Mail/tests/parser/parser_test.php
==============================================================================
--- trunk/Mail/tests/parser/parser_test.php [iso-8859-1] (original)
+++ trunk/Mail/tests/parser/parser_test.php [iso-8859-1] Wed Jan  2 13:12:36 
2008
@@ -1511,5 +1511,16 @@
         $this->assertNotNull( $mail->from );
         $this->assertEquals( '[EMAIL PROTECTED]', $mail->from->email );
     }
+
+    public function testAttachmentWithSlash()
+    {
+        $parser = new ezcMailParser();
+        $set = new SingleFileSet( 'various/attachment_with_slash.mail' );
+        $mail = $parser->parseMail( $set );
+        $this->assertEquals( 1, count( $mail ) );
+        $mail = $mail[0];
+        $parts = $mail->body->getParts();
+        $this->assertEquals( 'cam_data_photo067.jpg', basename( 
$parts[1]->fileName ) );
+    }
 }
 ?>


-- 
svn-components mailing list
svn-components@lists.ez.no
http://lists.ez.no/mailman/listinfo/svn-components

[svn-components] 7051 - in /trunk/Mail: ChangeLog src/parser/parts/file_parser.php tests/parser/data/various/attachment_with_slash.mail tests/parser/parser_test.php

Reply via email to