#2268 Problematic From header ({SET:debug=)

closed-fixed
nobody
None
5
2006-10-04
2006-09-20
kristina clair
No

Certain spam messages over the past day or so have
contained a string in the From: header, like so:

From: "Linwood Sparks"
<peggydesmet@pandora.be>{SET:debug=51}

From: "Stan Shelton" <peggywuyts@pandora.be>{SET:debug=11}

These messages produce the following error in squirrelmail:
Warning: fread(): Length parameter must be greater than
0. in /home/serve/webmail/functions/imap_general.php on
line 282

If the message is in the inbox and hasn't been read,
this error occurs when trying to view the contents of
the inbox. If the message is marked as read, the error
occurs when trying to view the message.

Discussion

  • kristina clair
    kristina clair
    2006-09-20

    Logged In: YES
    user_id=1298072

    oops! it turns out that what causes the error to occur when
    opening the inbox is if the user has any filters set up or
    not, not whether the message is marked as read or not.

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-09-23

    Logged In: YES
    user_id=225877

    Please provide information about used SquirrelMail and PHP
    versions, all modifications in SquirrelMail scripts and used
    filtering rules.

     
  • kristina clair
    kristina clair
    2006-09-28

    Logged In: YES
    user_id=1298072

    the php version is 4.4.2
    the squirrelmail version is 1.4.8

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-09-29

    Logged In: YES
    user_id=225877

    Please inform about all modifications made in SquirrelMail
    scripts and show used filtering rules.

     
  • kristina clair
    kristina clair
    2006-09-29

    Logged In: YES
    user_id=1298072

    we have not made any changes to the squirrelmail scripts.

    the error occurs when viewing the inbox if there are any
    filters present at all - it doesn't matter what the filter
    rules are. it would be extremely lengthy to list all the
    filters used by all of our users...

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-10-03

    Logged In: YES
    user_id=225877

    Could you name used IMAP server? Message with such header
    does not break courier.

    If message does not contain private data, could you attach
    rfc822 message source to this tracker.

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-10-03

    Logged In: YES
    user_id=225877

    never mind. got error on uw

     
  • Tomas Kuliavas
    Tomas Kuliavas
    2006-10-03

    Logged In: YES
    user_id=225877

    IMAP output which causes notices in sqimap_read_data_list()
    (only sm 1.4.x). sqimap_retrieve_imap_response() does not
    create notices, but can't fetch response in info plugin.
    ---
    A03 FETCH 1:* (BODYSTRUCTURE)
    * OK [PARSE] Unexpected characters at end of address:
    {SET:debug=51}
    * 1 FETCH (BODYSTRUCTURE ("TEXT" "PLAIN" ("CHARSET"
    "iso-8859-1") NIL NIL "8BIT" 294 5 NIL NIL NIL NIL))
    A03 OK FETCH completed
    ---

     
  • Logged In: YES
    user_id=476981

    Fixed for Squirrelmail 1.5.2 CVS and 1.4.9 CVS

     
    • status: open --> closed-fixed
     
  • kristina clair
    kristina clair
    2006-10-10

    Logged In: YES
    user_id=1298072

    Thanks!!

    Would it be possible to release a patch for this issue? I
    want to fix it for our users, but I don't want to run a
    development version of Squirrelmail.

     
  • Logged In: YES
    user_id=476981

    1.4.9-cvs Snapshots are STABLE snapshots. It's 1.4.8 with
    the latest fixes.
    You can download it from
    http://www.squirrelmail.php/download.php