fix vulnerability in PHPMailer
authorAndrew Dolgov <fox@bah.spb.su>
Fri, 23 Nov 2007 02:48:07 +0000 (03:48 +0100)
committerAndrew Dolgov <fox@bah.spb.su>
Fri, 23 Nov 2007 02:48:07 +0000 (03:48 +0100)
phpmailer/class.phpmailer.php

index 5eb7ac05aa6a0022556b3635aca1547084e5aef8..061a16f47c3eafb9ad67bd6f1a0833a5f3714334 100644 (file)
@@ -390,9 +390,11 @@ class PHPMailer
      */\r
     function SendmailSend($header, $body) {\r
         if ($this->Sender != "")\r
-            $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);\r
+            $sendmail = sprintf("%s -oi -f %s -t", \r
+                escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));\r
         else\r
-            $sendmail = sprintf("%s -oi -t", $this->Sendmail);\r
+            $sendmail = sprintf("%s -oi -t", \r
+                escapeshellcmd($this->Sendmail));\r
 \r
         if(!@$mail = popen($sendmail, "w"))\r
         {\r
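Review bot: The new `-f` line quotes `$this->Sender` for the shell, but nothing in the hunk checks that the value is a plausible address before it becomes the envelope sender, so a value containing control characters or whitespace still reaches the MTA intact. A guard ahead of the `sprintf`, for example `if (preg_match('/[\x00-\x1f\s]/', $this->Sender)) { /* reject via the class's error path */ }`, would make the quoting a second line of defence rather than the only one. `escapeshellcmd()` also leaves spaces alone, so `$this->Sendmail` can still carry extra arguments; that is acceptable only if the property is set from configuration and never from request data, and a comment such as `// Sendmail comes from admin config; escapeshellcmd() blocks metacharacters, not extra arguments` would record that assumption. `SendmailSend` continues past the end of the hunk, so how a rejected sender should be reported is not visible here.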
@@ -1496,4 +1498,4 @@ class PHPMailer
     }\r
 }\r
 \r
-?>
\ No newline at end of file
+?>\r