Roundcubemail devel
parent: c027ba77 | patch | commit | show whitespace
Aleksander Machniak
2013-05-06 ce89ecd54277fdd8113320ba463dfab6d504b00c 
Fix various PHP code bugs found using static analysis (#1489086)
6 files modified
17 ■■■■ changed files
CHANGELOG 1 ●●●● patch | view | raw | blame | history
plugins/enigma/enigma.php 3 ●●●● patch | view | raw | blame | history
plugins/enigma/lib/enigma_engine.php 8 ●●●● patch | view | raw | blame | history
plugins/password/drivers/pam.php 1 ●●●● patch | view | raw | blame | history
program/lib/Roundcube/rcube_db.php 2 ●●● patch | view | raw | blame | history
program/lib/Roundcube/rcube_smtp.php 2 ●●● patch | view | raw | blame | history 
 CHANGELOG


@@ -1,6 +1,7 @@


CHANGELOG Roundcube Webmail


===========================




- Fix various PHP code bugs found using static analysis (#1489086)


- Fix backslash character handling on vCard import (#1489085)


- Fix csv import from Thunderbird with French localization (#1489059)


- Fix messages list focus issue in Opera and Webkit (#1489058)




 plugins/enigma/enigma.php


@@ -47,6 +47,8 @@


        $rcmail = rcmail::get_instance();


        $this->rc = $rcmail;




        $section = rcube_utils::get_input_value('_section', rcube_utils::INPUT_GET);




        if ($this->rc->task == 'mail') {


            // message parse/display hooks


            $this->add_hook('message_part_structure', array($this, 'parse_structure'));


@@ -79,7 +81,6 @@


            $this->register_action('plugin.enigma', array($this, 'preferences_ui'));




            // grab keys/certs management iframe requests


            $section = rcube_utils::get_input_value('_section', rcube_utils::INPUT_GET);


            if ($this->rc->action == 'edit-prefs' && preg_match('/^enigma(certs|keys)/', $section)) {


                $this->load_ui();


                $this->ui->init($section);




 plugins/enigma/lib/enigma_engine.php


@@ -374,17 +374,15 @@


    {


        // @TODO: Handle big bodies using (temp) files


        // @TODO: caching of verification result


        


         $sig = $this->pgp_driver->verify($msg_body, $sig_body);




         if (($sig instanceof enigma_error) && $sig->getCode() != enigma_error::E_KEYNOTFOUND)


             rcube::raise_error(array(


                'code' => 600, 'type' => 'php',


                'file' => __FILE__, 'line' => __LINE__,


                'message' => "Enigma plugin: " . $error->getMessage()


                'message' => "Enigma plugin: " . $sig->getMessage()


                ), true, false);




//print_r($sig);


        return $sig;


    }




@@ -399,10 +397,8 @@


    {


        // @TODO: Handle big bodies using (temp) files


        // @TODO: caching of verification result


        


        $key = ''; $pass = ''; // @TODO


        $result = $this->pgp_driver->decrypt($msg_body, $key, $pass);




//print_r($result);




        if ($result instanceof enigma_error) {


            $err_code = $result->getCode();




 plugins/password/drivers/pam.php


@@ -12,6 +12,7 @@


    function save($currpass, $newpass)


    {


        $user = $_SESSION['username'];


        $error = '';




        if (extension_loaded('pam') || extension_loaded('pam_auth')) {


            if (pam_auth($user, $currpass, $error, false)) {




 program/lib/Roundcube/rcube_db.php


@@ -128,7 +128,7 @@


        $dsn_string  = $this->dsn_string($dsn);


        $dsn_options = $this->dsn_options($dsn);




        if ($db_pconn) {


        if ($this->db_pconn) {


            $dsn_options[PDO::ATTR_PERSISTENT] = true;


        }






 program/lib/Roundcube/rcube_smtp.php


@@ -119,7 +119,7 @@


        }




        // try to connect to server and exit on failure


        $result = $this->conn->connect($smtp_timeout);


        $result = $this->conn->connect($CONFIG['smtp_timeout']);




        if (PEAR::isError($result)) {


            $this->response[] = "Connection failed: ".$result->getMessage();