Merge pull request #55 from muhkuh2005/v1.9.3.1-patch1

PATCH_SUPEE-9652_v2-2017-02-07-01-18-38

Author: Aleksey Razbakov

app/etc/applied.patches.list

@@ -0,0 +1,4 @@
+-e 2017-02-08 08:27:48 UTC | SUPEE-9652 | EE_1.14.3.1 | v1 | 4038f0785d828794083f53f10c01aaa6af403523 | Tue Jan 24 15:03:12 2017 +0200 | 9586981e6ca8b255014b242d50b68b88525b0754..4038f0785d828794083f53f10c01aaa6af403523
+patching file lib/Zend/Mail/Transport/Sendmail.php
+
+

lib/Zend/Mail/Transport/Sendmail.php

@@ -119,14 +119,19 @@ public function _sendMail()
                 );
             }
 
-            set_error_handler(array($this, '_handleMailErrors'));
-            $result = mail(
-                $this->recipients,
-                $this->_mail->getSubject(),
-                $this->body,
-                $this->header,
-                $this->parameters);
-            restore_error_handler();
+            // Sanitize the From header
+            if (!Zend_Validate::is(str_replace(' ', '', $this->parameters), 'EmailAddress')) {
+                throw new Zend_Mail_Transport_Exception('Potential code injection in From header');
+            } else {
+                set_error_handler(array($this, '_handleMailErrors'));
+                $result = mail(
+                    $this->recipients,
+                    $this->_mail->getSubject(),
+                    $this->body,
+                    $this->header,
+                    $this->parameters);
+                restore_error_handler();
+            }
         }
 
         if ($this->_errstr !== null || !$result) {