charset conversion exploits, and request forgery through included
images. Thanks to Mikhail Markin, Tomas Kuliavas and Michael Jordon
for reporting these issues. [CVE-2007-1262]
+ - Fix busy loop and notice when two literals in IMAP fetch (#1739433).
Version 1.5.1 (branched on 2006-02-12)
--------------------------------------
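Review bot: the added ChangeLog line "Fix busy loop and notice when two literals in IMAP fetch" has no verb in its "when" clause and does not say what kind of notice is meant. Wording along the lines of "Fix busy loop and notice when an IMAP FETCH response contains two literals (#1739433)", with the kind of notice named, would let a reader match the entry to the symptom without opening the tracker item.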
we prohibid that literal responses appear in the
outer loop so we can trust the untagged and
tagged info provided by $read */
+ $read_literal = false;
if ($s === "}\r\n") {
$j = strrpos($read,'{');
$iLit = substr($read,$j+1,-3);
if ($read === false) { /* error */
break 4; /* while while switch while */
}
- $fetch_data[] = $read;
+ $s = substr($read,-3);
+ $read_literal = true;
+ continue;
} else {
$fetch_data[] = $read;
}
/* check for next untagged reponse and break */
if ($read{0} == '*') break 2;
$s = substr($read,-3);
- } while ($s === "}\r\n");
+ } while ($s === "}\r\n" || $read_literal);
$s = substr($read,-3);
} while ($read{0} !== '*' &&
substr($read,0,strlen($tag)) !== $tag);
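Review bot: the new `$read_literal = true; continue;` at the end of the literal branch needs a comment, because the control flow it sets up is not obvious from the code. The line read after the literal is no longer appended in this branch. Instead `continue` jumps to the `while ($s === "}\r\n" || $read_literal)` test and the flag forces one more pass. On that pass the line is either treated as the start of a second literal or appended by the `else` branch, and only then checked with `$read{0} == '*'`. A short comment at the `continue` saying so, and one at `$read_literal = false;` saying the flag is reset on every pass, would make it clear that the `|| $read_literal` term is what keeps the trailing line from being dropped when it does not end in "}\r\n". Since the bug was a busy loop, a regression test that feeds a fetch response with two literals, and one where the read after the literal fails, would confirm that the loop always exits through `break 4`, `break 2` or the `while` test.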