diff options
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/BugMail.pm | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/Bugzilla/BugMail.pm b/Bugzilla/BugMail.pm index 69fb7b7b7..31d151112 100644 --- a/Bugzilla/BugMail.pm +++ b/Bugzilla/BugMail.pm @@ -639,8 +639,16 @@ sub MessageToMTA { $headers = new Mail::Header \@header_lines, Modify => 0; } + my $from = $headers->get('from'); + if (Param("mail_delivery_method") eq "sendmail" && $^O =~ /MSWin32/i) { - open(SENDMAIL, '|' . SENDMAIL_EXE . ' -t -i') || + my $cmd = '|' . SENDMAIL_EXE . ' -t -i'; + if ($from) { + # We're on Windows, thus no danger of command injection + # via $from. In other words, it is safe to embed $from. + $cmd .= qq# -f"$from"#; + } + open(SENDMAIL, $cmd) || die "Failed to execute " . SENDMAIL_EXE . ": $!\n"; print SENDMAIL $headers->as_string; print SENDMAIL "\n"; @@ -652,12 +660,18 @@ sub MessageToMTA { my @args; if (Param("mail_delivery_method") eq "sendmail") { push @args, "-i"; + if ($from) { + push(@args, "-f$from"); + } } if (Param("mail_delivery_method") eq "sendmail" && !Param("sendmailnow")) { push @args, "-ODeliveryMode=deferred"; } if (Param("mail_delivery_method") eq "smtp") { push @args, Server => Param("smtpserver"); + if ($from) { + $ENV{'MAILADDRESS'} = $from; + } } my $mailer = new Mail::Mailer Param("mail_delivery_method"), @args; if (Param("mail_delivery_method") eq "testfile") { |