From 478c7c63d8487cf33fa160fade161625176c93d3 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Mon, 19 Jan 2009 03:18:10 -0500
Subject: [PATCH] - Secure vcard export by getting rid of preg's 'e' modifier use (#1485689)

---
 CHANGELOG                       |    1 +
 program/include/rcube_vcard.php |    6 +++++-
 2 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 6ea9747..492a3da 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@
 2009/01/18 (alec)
 ----------
 - Fix problems with backslash as IMAP hierarchy delimiter (#1484467)
+- Secure vcard export by getting rid of preg's 'e' modifier use (#1485689)
 
 2009/01/15 (alec)
 ----------
diff --git a/program/include/rcube_vcard.php b/program/include/rcube_vcard.php
index 3e93e97..1c0c383 100644
--- a/program/include/rcube_vcard.php
+++ b/program/include/rcube_vcard.php
@@ -226,10 +226,14 @@
     return $vcard;
   }
 
+  private static function rfc2425_fold_callback($matches)
+  {
+    return ":\n  ".rtrim(chunk_split($matches[1], 72, "\n  "));
+  }
 
   private static function rfc2425_fold($val)
   {
-    return preg_replace('/:([^\n]{72,})/e', '":\n  ".rtrim(chunk_split("\\1", 72, "\n  "))', $val) . "\n";
+    return preg_replace_callback('/:([^\n]{72,})/', 'self::rfc2425_fold_callback', $val) . "\n";
   }
 
 

--
Gitblit v1.9.1