Fix bug where usernames without domain part could be malformed or converted to lower-case on logon (#6224)

pull/5735/merge
Aleksander Machniak 6 years ago
parent d51fdaa2ee
commit b2bebe531a

@ -78,6 +78,7 @@ CHANGELOG Roundcube Webmail
- Fix possible IMAP command injection and type juggling vulnerabilities (#6229)
- Enigma: Fix key selection for signing
- Fix check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238)
- Fix bug where usernames without domain part could be malformed or converted to lower-case on logon (#6224)
RELEASE 1.3.5
-------------

@ -606,8 +606,10 @@ class rcmail extends rcube
// Here we need IDNA ASCII
// Only rcube_contacts class is using domain names in Unicode
$host = rcube_utils::idn_to_ascii($host);
$username = rcube_utils::idn_to_ascii($username);
$host = rcube_utils::idn_to_ascii($host);
if (strpos($username, '@')) {
$username = rcube_utils::idn_to_ascii($username);
}
// user already registered -> overwrite username
if ($user = rcube_user::query($username, $host)) {
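Review bot: The new call `$username = rcube_utils::idn_to_ascii($username);` assigns the result back unchecked, while the docblock this same commit adds to idn_to_ascii() warns that an empty string may be returned on an invalid domain; on this logon path that would hand an empty username to rcube_user::query() on the next line, so the lookup (and presumably whatever user creation follows) would run against '' rather than the name that authenticated. Consider `$ascii = rcube_utils::idn_to_ascii($username); if ($ascii !== '') { $username = $ascii; }`, or treating an empty result as a failed logon. The `strpos($username, '@')` guard also treats an '@' at offset 0 as absent (position 0 is falsy), which matches the `$at = strpos()` idiom in rcube_utils::idn_convert() but deserves a short comment so the next reader does not "fix" it. The enclosing method begins and ends outside this hunk.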

@ -911,9 +911,13 @@ class rcube_utils
}
/**
* Wrapper for idn_to_ascii with support for e-mail address
* Wrapper for idn_to_ascii with support for e-mail address.
*
* Warning: Domain names may be lowercase'd.
* Warning: An empty string may be returned on invalid domain.
*
* @param string $str Decoded e-mail address
*
* @return string Encoded e-mail address
*/
public static function idn_to_ascii($str)
@ -925,6 +929,7 @@ class rcube_utils
* Wrapper for idn_to_utf8 with support for e-mail address
*
* @param string $str Decoded e-mail address
*
* @return string Encoded e-mail address
*/
public static function idn_to_utf8($str)
@ -932,34 +937,40 @@ class rcube_utils
return self::idn_convert($str, false);
}
/**
* Convert a string to ascii or utf8
* Convert a string to ascii or utf8 (using IDNA standard)
*
* @param string $input Decoded e-mail address
* @param string $input Decoded e-mail address
* @param boolean $is_utf Convert by idn_to_ascii if true and idn_to_utf8 if false
*
* @return string Encoded e-mail address
*/
public static function idn_convert($input, $is_utf = false)
{
if ($at = strpos($input, '@')) {
$user = substr($input, 0, $at);
$user = substr($input, 0, $at);
$domain = substr($input, $at + 1);
}
else {
$user = '';
$user = '';
$domain = $input;
}
// Note that in PHP 7.2/7.3 calling idn_to_* functions with default arguments
// throws a warning, so we have to set the variant explicitely (#6075)
$variant = defined('INTL_IDNA_VARIANT_UTS46') ? INTL_IDNA_VARIANT_UTS46 : null;
$options = 0;
$options = IDNA_DEFAULT;
// Because php-intl extension lowercases domains and return false
// on invalid input (#6224), we skip conversion when not needed
// for compatibility with our Net_IDNA2 wrappers in bootstrap.php
if ($is_utf) {
$domain = idn_to_ascii($domain, $options, $variant);
if (preg_match('/[^\x20-\x7E]/', $domain)) {
$domain = idn_to_ascii($domain, $options, $variant);
}
}
else {
else if (preg_match('/(^|\.)xn--/i', $domain)) {
$domain = idn_to_utf8($domain, $options, $variant);
}
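Review bot: `$options = IDNA_DEFAULT;` replaces the literal `0` with a constant that the php-intl extension defines, while the surrounding code is written to run without intl (the `defined('INTL_IDNA_VARIANT_UTS46')` guard and the comment about the Net_IDNA2 wrappers in bootstrap.php); unless bootstrap.php also defines IDNA_DEFAULT for that case, this line raises an undefined-constant notice and passes the string 'IDNA_DEFAULT' to the wrapper. A guard in the same shape as the variant line, `$options = defined('IDNA_DEFAULT') ? IDNA_DEFAULT : 0;`, keeps both code paths working. Note also that the ASCII-only check `preg_match('/[^\x20-\x7E]/', $domain)` means a pure-ASCII domain is no longer passed through idn_to_ascii() at all, so bytes IDNA would have rejected now come back unchanged; that is the intended fix for #6224, but callers must not rely on this wrapper as a domain validator, and a one-line comment next to the check saying so would help. The hunk ends before the function's return, so how a `false` from idn_to_ascii() becomes the documented empty string cannot be checked here.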

@ -620,4 +620,12 @@ class Framework_Utils extends PHPUnit_Framework_TestCase
$this->assertEquals(rcube_utils::idn_to_utf8($encoded), $decoded);
}
/**
* Test idn_to_ascii with non-domain input (#6224)
*/
function test_idn_to_ascii_special()
{
$this->assertEquals(rcube_utils::idn_to_ascii('H.S'), 'H.S');
$this->assertEquals(rcube_utils::idn_to_ascii('d.-h.lastname'), 'd.-h.lastname');
}
}
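Review bot: The new test only exercises the idn_to_ascii() side of the fix; the matching guard added to idn_convert() for the utf8 direction (`else if (preg_match('/(^|\.)xn--/i', $domain))`) has no coverage, nor does the case-preservation half of #6224 for an address with a domain part. Adding `$this->assertEquals('d.-h.lastname', rcube_utils::idn_to_utf8('d.-h.lastname'));` and `$this->assertEquals('User@Example.COM', rcube_utils::idn_to_ascii('User@Example.COM'));` would pin both. As a point of style, PHPUnit's assertEquals() takes the expected value first; the new assertions (like the existing one above them) pass the actual value first, which inverts the "expected/actual" wording of the failure message.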
