summaryrefslogtreecommitdiff
path: root/extlib/Mail/sendmail.php
diff options
context:
space:
mode:
Diffstat (limited to 'extlib/Mail/sendmail.php')
-rwxr-xr-x[-rw-r--r--]extlib/Mail/sendmail.php7
1 files changed, 4 insertions, 3 deletions
diff --git a/extlib/Mail/sendmail.php b/extlib/Mail/sendmail.php
index cd248e61d..b056575e9 100644..100755
--- a/extlib/Mail/sendmail.php
+++ b/extlib/Mail/sendmail.php
@@ -20,7 +20,7 @@
* Sendmail implementation of the PEAR Mail:: interface.
* @access public
* @package Mail
- * @version $Revision: 1.19 $
+ * @version $Revision: 294744 $
*/
class Mail_sendmail extends Mail {
@@ -117,7 +117,7 @@ class Mail_sendmail extends Mail {
if (is_a($recipients, 'PEAR_Error')) {
return $recipients;
}
- $recipients = escapeShellCmd(implode(' ', $recipients));
+ $recipients = implode(' ', array_map('escapeshellarg', $recipients));
$headerElements = $this->prepareHeaders($headers);
if (is_a($headerElements, 'PEAR_Error')) {
@@ -141,7 +141,8 @@ class Mail_sendmail extends Mail {
return PEAR::raiseError('From address specified with dangerous characters.');
}
- $from = escapeShellCmd($from);
+ $from = escapeshellarg($from); // Security bug #16200
+
$mail = @popen($this->sendmail_path . (!empty($this->sendmail_args) ? ' ' . $this->sendmail_args : '') . " -f$from -- $recipients", 'w');
if (!$mail) {
return PEAR::raiseError('Failed to open sendmail [' . $this->sendmail_path . '] for execution.');