MAGETWO-63137: Fix Zend Mail vulnerability

Sergey Semenov · Sergey Semenov · commit fc3dc50c1c6f · 2017-01-17T15:09:21.000+02:00
diff --git a/library/Zend/Mail/Transport/Sendmail.php b/library/Zend/Mail/Transport/Sendmail.php
@@ -194,6 +194,18 @@ protected function _prepareHeaders($headers)
             unset($headers['Subject']);
         }
 
+        // Sanitize the From header
+        if (isset($headers['From'])) {
+            $addressList = array_filter($headers['From'], function($key) {
+                return $key !== 'append';
+            }, ARRAY_FILTER_USE_KEY);
+            foreach ($addressList as $address) {
+                if (preg_match('/\\\"/', $address)) {
+                    throw new Zend_Mail_Transport_Exception('Potential code injection in From header');
+                }
+            }
+        }
+
         // Prepare headers
         parent::_prepareHeaders($headers);
 
