xref: /PHP-8.3/ext/imap/tests/bug80710_2.phpt (revision 74859783)
1--TEST--
2Bug #80710 (imap_mail_compose() header injection) - Remail
3--EXTENSIONS--
4imap
5--FILE--
6<?php
7$envelope["from"]= "joe@example.com\n From : X-INJECTED";
8$envelope["to"]  = "foo@example.com\nFrom: X-INJECTED";
9$envelope["cc"]  = "bar@example.com\nFrom: X-INJECTED";
10$envelope["subject"]  = "bar@example.com\n\n From : X-INJECTED";
11$envelope["remail"]  = "X-INJECTED-REMAIL: X-INJECTED\nFrom: X-INJECTED-REMAIL-FROM"; //<--- Injected as first hdr
12$envelope["something"]  = "bar@example.com\nFrom: X-INJECTED";
13
14$part1["type"] = TYPEMULTIPART;
15$part1["subtype"] = "mixed";
16
17$part2["type"] = TYPEAPPLICATION;
18$part2["encoding"] = ENCBINARY;
19$part2["subtype"] = "octet-stream\nContent-Type: X-INJECTED";
20$part2["description"] = "some file\nContent-Type: X-INJECTED";
21$part2["contents.data"] = "ABC\nContent-Type: X-INJECTED";
22
23$part3["type"] = TYPETEXT;
24$part3["subtype"] = "plain";
25$part3["description"] = "description3";
26$part3["contents.data"] = "contents.data3\n\n\n\t";
27
28$body[1] = $part1;
29$body[2] = $part2;
30$body[3] = $part3;
31
32echo imap_mail_compose($envelope, $body);
33?>
34--EXPECTF--
35Warning: imap_mail_compose(): header injection attempt in remail in %s on line %d
36