Apply SUPEE-9652/10570

Shardj · Dec 8, 2022 · 6545737 · 6545737
1 parent 66f96b4
commit 6545737
Showing 1 changed file with 14 additions and 8 deletions.
diff --git a/library/Zend/Mail/Transport/Sendmail.php b/library/Zend/Mail/Transport/Sendmail.php
@@ -119,14 +119,20 @@ public function _sendMail()
                 );
             }
 
-            set_error_handler([$this, '_handleMailErrors']);
-            $result = mail(
-                $this->recipients,
-                $this->_mail->getSubject(),
-                $this->body,
-                $this->header,
-                $this->parameters);
-            restore_error_handler();
+            $fromEmailHeader = str_replace(' ', '', $this->parameters);
+            // Sanitize the From header
+            if (!Zend_Validate::is($fromEmailHeader, 'EmailAddress')) {
+                throw new Zend_Mail_Transport_Exception('Potential code injection in From header');
+            } else {
+                set_error_handler([$this, '_handleMailErrors']);
+                $result = mail(
+                    $this->recipients,
+                    $this->_mail->getSubject(),
+                    $this->body,
+                    $this->header,
+                    $fromEmailHeader);
+                restore_error_handler();
+            }
         }
 
         if ($this->_errstr !== null || !$result) {