File Mail-1.1.14-CVE-2009-4023,4111.patch of Package php5-pear-mail

Overview Repositories Revisions Requests Users Attributes Meta

File Mail-1.1.14-CVE-2009-4023,4111.patch of Package php5-pear-mail

Index: Mail-1.1.14/Mail/sendmail.php
===================================================================
--- Mail-1.1.14/Mail/sendmail.php.orig
+++ Mail-1.1.14/Mail/sendmail.php
@@ -16,6 +16,8 @@
 // | Author: Chuck Hagenbuch <chuck@horde.org>                            |
 // +----------------------------------------------------------------------+
 
+require_once 'Validate.php';
+
 /**
  * Sendmail implementation of the PEAR Mail:: interface.
  * @access public
@@ -108,7 +110,7 @@ class Mail_sendmail extends Mail {
         if (PEAR::isError($recipients)) {
             return $recipients;
         }
-        $recipients = escapeShellCmd(implode(' ', $recipients));
+        $recipients = implode(' ', array_map('escapeshellarg', $recipients));
 
         $this->_sanitizeHeaders($headers);
         $headerElements = $this->prepareHeaders($headers);
@@ -127,6 +129,12 @@ class Mail_sendmail extends Mail {
         }
 
         $from = escapeShellCmd($from);
+        
+        
+        if (!Validate::email($from)) {
+           return PEAR::raiseError('From address is not a valid email address');
+        }
+
         $mail = @popen($this->sendmail_path . (!empty($this->sendmail_args) ? ' ' . $this->sendmail_args : '') . " -f$from -- $recipients", 'w');
         if (!$mail) {
             return PEAR::raiseError('Failed to open sendmail [' . $this->sendmail_path . '] for execution.');
Index: package.xml
===================================================================
--- package.xml.orig
+++ package.xml
@@ -52,7 +52,7 @@
    <file role="php" md5sum="e90b498ce97ee926aab71180aa1f68bd" name="Mail.php"/>
    <file role="php" md5sum="c3433e6b7b54a362c6acbffffddcb2f1" name="Mail/mail.php"/>
    <file role="php" md5sum="4a1ed7ae8036862b24fa0ea84f8bbe0e" name="Mail/null.php"/>
-   <file role="php" md5sum="8d567715b062fd05ae0d0c195ec3ba1b" name="Mail/sendmail.php"/>
+   <file role="php" md5sum="573bce231900e85fd697e07005ecf7ea" name="Mail/sendmail.php"/>
    <file role="php" md5sum="ed539e37c764c38205cb70597e0e84e4" name="Mail/smtp.php"/>
    <file role="php" md5sum="3a513a76e6222b50e7e1186a11cb7b2b" name="Mail/RFC822.php"/>
    <file role="test" md5sum="4117acf13586a15da2a5cdd368aa3931" name="tests/rfc822.phpt"/>

Places

File Mail-1.1.14-CVE-2009-4023,4111.patch of Package php5-pear-mail

Places