[prev in list] [next in list] [prev in thread] [next in thread]
List: squirrelmail-devel
Subject: Re: [SM-DEVEL] bug in decodeBody
From: "Tomas Kuliavas" <tokul () users ! sourceforge ! net>
Date: 2005-10-09 19:50:44
Message-ID: 40014.85.206.83.246.1128887444.squirrel () internet ! eik ! lt
[Download RAW message or body]
> Hi,
>
> Please CC: me the answer, as I am not in this list.
>
> One of my users complained about a bug in squirrelmail, which I could
> trace
> to the function decodeBody(), at functions/mime.php.
>
> In an email, charset iso-8859-1, encoded in quoted-printable, a line
> where
> all chars are '=' loses its final newline. Looking at mime.php, I found
> this
> code part:
>
> ....
> } else if ($encoding == 'quoted-printable' ||
> $encoding == 'quoted_printable') {
> $body = quoted_printable_decode($body);
>
> while (ereg("=\n", $body)) {
> $body = ereg_replace ("=\n", '', $body);
> }
>
> } else if ($encoding == 'base64') {
> ....
>
> Now, if I comment the last while(), all seems to work perfectly.
>
> The big question is: Why is that while in there? Shouldn't php's
> quote_printable_decode() be enough? is it safe to comment those 3 lines,
> like this?
>
> ....
> } else if ($encoding == 'quoted-printable' ||
> $encoding == 'quoted_printable') {
> $body = quoted_printable_decode($body);
>
> #while (ereg("=\n", $body)) {
> # $body = ereg_replace ("=\n", '', $body);
> #}
>
> } else if ($encoding == 'base64') {
> ....
>
>
> Just in case, I noted in the CVS log that this code has been
> introduced at
> 23 Fev, 2000, at mime.php cvsId: 1.23. If it is a bug, it is an old one.
> I
> suspect it could be an workaround to fix a php bug, at that time.
>
> If this matters, I use FreeBSD 5.4-stable, and php-4.3.11_1. My
> running
> squirrelmail has been installed from FreeBSD's ports, but I have checked
> the CVS
> source and logs from the CVS anonymous repository to be sure. I have used
> the
> branch SM-1_4-STABLE for cvs checkout.
>
As you said, it is a very old code. It might be written and tested on php
4.0.0beta. According to PHP changelogs quoted_printable_decode() function
was fixed only in 4.0.4. Older versions (tested 4.0.0, 4.1.2 and 4.3.10)
don't remove last = from decoded line.
If you use php 4.1.2 or better, you should disable while (ereg("=\n",
$body)) cycle.
Thanks for your report. Issue should be fixed in SquirrelMail 1.4.6 and
1.5.1 versions.
--
Tomas
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
--
squirrelmail-devel mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: squirrelmail-devel@lists.sourceforge.net
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.devel
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=7139
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic