From: lpsolit%gmail.com <>
Date: Thu, 23 Aug 2007 20:46:56 +0000 (+0000)
Subject: Bug 386860: [SECURITY] Insufficient escaping of From address when using Sendmail... 
X-Git-Tag: bugzilla-3.0.1~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2970d80a9abcad6b46d91f1aa65082827bbbf52e;p=thirdparty%2Fbugzilla.git

Bug 386860: [SECURITY] Insufficient escaping of From address when using Sendmail - Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r/a=LpSolit
---

diff --git a/Bugzilla/Mailer.pm b/Bugzilla/Mailer.pm
index b4b2f320d9..03f370a4eb 100644
--- a/Bugzilla/Mailer.pm
+++ b/Bugzilla/Mailer.pm
@@ -44,6 +44,7 @@ use Bugzilla::Util;
 use Date::Format qw(time2str);
 
 use Encode qw(encode);
+use Email::Address;
 use Email::MIME;
 # Loading this gives us encoding_set.
 use Email::MIME::Modifier;
@@ -80,7 +81,14 @@ sub MessageToMTA {
             $Email::Send::Sendmail::SENDMAIL = SENDMAIL_EXE;
         }
         push @args, "-i";
-        push(@args, "-f$from") if $from;
+        # We want to make sure that we pass *only* an email address.
+        if ($from) {
+            my ($email_obj) = Email::Address->parse($from);
+            if ($email_obj) {
+                my $from_email = $email_obj->address;
+                push(@args, "-f$from_email") if $from_email;
+            }
+        }
         push(@args, "-ODeliveryMode=deferred")
             if !Bugzilla->params->{"sendmailnow"};
     }