[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-devel
Subject:    Re: [SM-DEVEL] bug in decodeBody
From:       "Tomas Kuliavas" <tokul () users ! sourceforge ! net>
Date:       2005-10-09 19:50:44
Message-ID: 40014.85.206.83.246.1128887444.squirrel () internet ! eik ! lt
[Download RAW message or body]

> Hi,
>
>     Please CC: me the answer, as I am not in this list.
>
>     One of my users complained about a bug in squirrelmail, which I could
> trace
> to the function decodeBody(), at functions/mime.php.
>
>     In an email, charset iso-8859-1, encoded in quoted-printable, a line
> where
> all chars are '=' loses its final newline.  Looking at mime.php, I found
> this
> code part:
>
> ....
>     } else if ($encoding == 'quoted-printable' ||
>         $encoding == 'quoted_printable') {
>         $body = quoted_printable_decode($body);
>
>         while (ereg("=\n", $body)) {
>             $body = ereg_replace ("=\n", '', $body);
>         }
>
>     } else if ($encoding == 'base64') {
> ....
>
>     Now, if I comment the last while(), all seems to work perfectly.
>
>     The big question is: Why is that while in there?  Shouldn't php's
> quote_printable_decode() be enough?  is it safe to comment those 3 lines,
> like this?
>
> ....
>     } else if ($encoding == 'quoted-printable' ||
>         $encoding == 'quoted_printable') {
>         $body = quoted_printable_decode($body);
>
>         #while (ereg("=\n", $body)) {
>         #    $body = ereg_replace ("=\n", '', $body);
>         #}
>
>     } else if ($encoding == 'base64') {
> ....
>
>
>     Just in case, I noted in the CVS log that this code has been
> introduced at
> 23 Fev, 2000, at mime.php cvsId: 1.23.  If it is a bug, it is an old one.
> I
> suspect it could be an workaround to fix a php bug, at that time.
>
>     If this matters, I use FreeBSD 5.4-stable, and php-4.3.11_1.  My
> running
> squirrelmail has been installed from FreeBSD's ports, but I have checked
> the CVS
> source and logs from the CVS anonymous repository to be sure.  I have used
> the
> branch SM-1_4-STABLE for cvs checkout.
>

As you said, it is a very old code. It might be written and tested on php
4.0.0beta. According to PHP changelogs quoted_printable_decode() function
was fixed only in 4.0.4. Older versions (tested 4.0.0, 4.1.2 and 4.3.10)
don't remove last = from decoded line.

If you use php 4.1.2 or better, you should disable while (ereg("=\n",
$body)) cycle.

Thanks for your report. Issue should be fixed in SquirrelMail 1.4.6 and
1.5.1 versions.

-- 
Tomas


-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
--
squirrelmail-devel mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: squirrelmail-devel@lists.sourceforge.net
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.devel
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=7139
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
[prev in list] [next in list] [prev in thread] [next in thread]