From d3b98eb4dcb2b7eb867ae21108e64d0b2769e920 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 21 Jan 2016 10:28:29 -0500
Subject: [PATCH] Fix (again) security issue in DBMail driver of password plugin [CVE-2015-2181] (#1490643)
---
 plugins/password/drivers/dbmail.php | 15 ++-------------
 1 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/plugins/password/drivers/dbmail.php b/plugins/password/drivers/dbmail.php
index 1207283..a1a0b3c 100644
--- a/plugins/password/drivers/dbmail.php
+++ b/plugins/password/drivers/dbmail.php
@@ -40,20 +40,9 @@
 $args = rcmail::get_instance()->config->get('password_dbmail_args', '');
 $command = "$curdir/chgdbmailusers -c $username -w $password $args";
 
- if (strlen($command) > 1024) {
- rcube::raise_error(array(
- 'code' => 600,
- 'type' => 'php',
- 'file' => __FILE__, 'line' => __LINE__,
- 'message' => "Password plugin: The command is too long."
- ), true, false);
+ exec($command, $output, $return_value);
 
- return PASSWORD_ERROR;
- }
-
- exec($command, $output, $returnvalue);
-
- if ($returnvalue == 0) {
+ if ($return_value == 0) {
 return PASSWORD_SUCCESS;
 }
 else {
-- 
Gitblit v1.9.1
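Review bot: With the `strlen($command) > 1024` guard removed, nothing in this hunk bounds or validates what reaches `exec()`, so safety rests entirely on code the patch does not show. The assignments of `$username` and `$password` sit above the hunk and need to be `escapeshellarg()`-quoted, and the `chgdbmailusers` helper has to cope with long arguments on its own. `$args` from `password_dbmail_args` is interpolated into the shell string verbatim, which is acceptable only because it is administrator configuration. Once the quoting is confirmed, a comment above the `$command` line such as `// $username/$password are shell-quoted; $args is trusted admin config passed to the shell as-is` would record that assumption. Passing the new password as `-w $password` also places it in the helper's argument list, where other local users may be able to read it from the process table while the command runs; the enclosing function starts and ends outside the hunk.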