banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix vulnerability in PHPMailer

Browse Source
master
Andrew Dolgov 17 years ago
parent 11063ec65c
commit 090ac2fea0
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File

6
phpmailer/class.phpmailer.php
Unescape Escape View File

@ -390,9 +390,11 @@ class PHPMailer
*/ */
function SendmailSend($header, $body) { function SendmailSend($header, $body) {
if ($this->Sender != "") if ($this->Sender != "")
$sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender); $sendmail = sprintf("%s -oi -f %s -t",
escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
else else
$sendmail = sprintf("%s -oi -t", $this->Sendmail); $sendmail = sprintf("%s -oi -t",
escapeshellcmd($this->Sendmail));
if(!@$mail = popen($sendmail, "w")) if(!@$mail = popen($sendmail, "w"))
{ {

Write Preview
Loading…
Cancel
Save