xref: /PHP-7.3/ext/imap/tests/bug80710_1.phpt (revision 37962c61)
1--TEST--
2Bug #80710 (imap_mail_compose() header injection) - MIME Splitting Attack
3--SKIPIF--
4<?php
5if (!extension_loaded("imap")) die("skip imap extension not available");
6?>
7--FILE--
8<?php
9$envelope["from"]= "joe@example.com\n From : X-INJECTED";
10$envelope["to"]  = "foo@example.com\nFrom: X-INJECTED";
11$envelope["cc"]  = "bar@example.com\nFrom: X-INJECTED";
12$envelope["subject"]  = "bar@example.com\n\n From : X-INJECTED";
13$envelope["x-remail"]  = "bar@example.com\nFrom: X-INJECTED";
14$envelope["something"]  = "bar@example.com\nFrom: X-INJECTED";
15
16$part1["type"] = TYPEMULTIPART;
17$part1["subtype"] = "mixed";
18
19$part2["type"] = TYPEAPPLICATION;
20$part2["encoding"] = ENCBINARY;
21$part2["subtype"] = "octet-stream\nContent-Type: X-INJECTED";
22$part2["description"] = "some file\nContent-Type: X-INJECTED";
23$part2["contents.data"] = "ABC\nContent-Type: X-INJECTED";
24
25$part3["type"] = TYPETEXT;
26$part3["subtype"] = "plain";
27$part3["description"] = "description3";
28$part3["contents.data"] = "contents.data3\n\n\n\t";
29
30$body[1] = $part1;
31$body[2] = $part2;
32$body[3] = $part3;
33
34echo imap_mail_compose($envelope, $body);
35?>
36--EXPECTF--
37Warning: imap_mail_compose(): header injection attempt in from in %s on line %d
38