Fix vulnerability in handling of mail()'s 5th argument
alecpl committed Nov 22, 2016
1 parent 6fa88c9 commit f842337
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 1 addition & 0 deletions CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================

- Fix vulnerability in handling of mail()'s 5th argument
- Fix To: header encoding in mail sent with mail() method (#5475)
- Fix flickering of header topline in min-mode (#5426)
- Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447)
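Review bot: the new CHANGELOG entry "Fix vulnerability in handling of mail()'s 5th argument" does not say which input is affected or in which configuration, and unlike the three entries after it, it carries no issue reference. Suggest wording it so an administrator can tell whether they are exposed, for example that it concerns the sender address passed as the -f parameter when messages are delivered with mail().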
2 changes: 1 addition & 1 deletion program/lib/Roundcube/rcube.php
Expand Up @@ -1689,7 +1689,7 @@ public function deliver_message(&$message, $from, $mailto, &$error, &$body_file
if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN))
$sent = mail($to, $subject, $msg_body, $header_str);
else
$sent = mail($to, $subject, $msg_body, $header_str, "-f$from");
$sent = mail($to, $subject, $msg_body, $header_str, '-f ' . escapeshellarg($from));
}
}
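Review bot: on the changed mail() call, escapeshellarg($from) is the only guard on the sender address, and nothing in the visible lines checks that $from is a well-formed address before it reaches the fifth argument. PHP's mail() already applies escapeshellcmd() to that argument, so the quoted value is escaped a second time and quote characters inside $from may not survive as intended. Suggest validating $from before this branch (for example filter_var($from, FILTER_VALIDATE_EMAIL) plus a reject on whitespace and quote characters) and, when it fails, either omitting the '-f ' parameter or returning with $error set. A one-line comment above the call explaining why the value is escaped would also help the next reader.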
