From d3b98eb4dcb2b7eb867ae21108e64d0b2769e920 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 21 Jan 2016 10:28:29 -0500
Subject: [PATCH] Fix (again) security issue in DBMail driver of password plugin [CVE-2015-2181] (#1490643)

---
 plugins/password/drivers/dbmail.php |   15 ++-------------
 1 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/plugins/password/drivers/dbmail.php b/plugins/password/drivers/dbmail.php
index 1207283..a1a0b3c 100644
--- a/plugins/password/drivers/dbmail.php
+++ b/plugins/password/drivers/dbmail.php
@@ -40,20 +40,9 @@
         $args     = rcmail::get_instance()->config->get('password_dbmail_args', '');
         $command  = "$curdir/chgdbmailusers -c $username -w $password $args";
 
-        if (strlen($command) > 1024) {
-            rcube::raise_error(array(
-                'code' => 600,
-                'type' => 'php',
-                'file' => __FILE__, 'line' => __LINE__,
-                'message' => "Password plugin: The command is too long."
-                ), true, false);
+        exec($command, $output, $return_value);
 
-            return PASSWORD_ERROR;
-        }
-
-        exec($command, $output, $returnvalue);
-
-        if ($returnvalue == 0) {
+        if ($return_value == 0) {
             return PASSWORD_SUCCESS;
         }
         else {
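Review bot: The new password still reaches `exec()` as a command-line argument (`-w $password` on the `$command` line), so it is readable from the process list by other local users while chgdbmailusers runs; if the helper can take the password on stdin, that would be the safer hand-off, though the hunk does not show whether it can. With the 1024-byte length guard removed, the only protection against shell metacharacters is whatever quoting is applied to `$username` and `$password` above line 40, which is outside this hunk. A comment on the `$command` line would keep that dependency visible, for example `// $username and $password must already be escapeshellarg()-quoted; $args is admin-supplied config and goes to the shell verbatim`. The exit-status check would also be stricter as `if ($return_value === 0) {`. The enclosing function begins and ends outside the hunk.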

--
Gitblit v1.9.1