From 6ad87317b54ce81e3296c1e1a8c497dd31e9d3d7 Mon Sep 17 00:00:00 2001
From: "bugzilla%glob.com.au" <>
Date: Fri, 23 Dec 2005 09:36:19 +0000
Subject: Bug 94293: Sendmail "from" header can not be configured in one config
 file, From header broken in SMTP Patch by Jochen Wiedmann
 <jochen.wiedmann@gmail.com> r=glob,a=justdave

---
 Bugzilla/BugMail.pm | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'Bugzilla')

diff --git a/Bugzilla/BugMail.pm b/Bugzilla/BugMail.pm
index 69fb7b7b7..31d151112 100644
--- a/Bugzilla/BugMail.pm
+++ b/Bugzilla/BugMail.pm
@@ -639,8 +639,16 @@ sub MessageToMTA {
         $headers = new Mail::Header \@header_lines, Modify => 0;
     }
 
+    my $from = $headers->get('from');
+
     if (Param("mail_delivery_method") eq "sendmail" && $^O =~ /MSWin32/i) {
-        open(SENDMAIL, '|' . SENDMAIL_EXE . ' -t -i') ||
+        my $cmd = '|' . SENDMAIL_EXE . ' -t -i';
+        if ($from) {
+            # We're on Windows, thus no danger of command injection
+            # via $from. In other words, it is safe to embed $from.
+            $cmd .= qq# -f"$from"#;
+        }
+        open(SENDMAIL, $cmd) ||
             die "Failed to execute " . SENDMAIL_EXE . ": $!\n";
         print SENDMAIL $headers->as_string;
         print SENDMAIL "\n";
@@ -652,12 +660,18 @@ sub MessageToMTA {
     my @args;
     if (Param("mail_delivery_method") eq "sendmail") {
         push @args, "-i";
+        if ($from) {
+            push(@args, "-f$from");
+        }
     }
     if (Param("mail_delivery_method") eq "sendmail" && !Param("sendmailnow")) {
         push @args, "-ODeliveryMode=deferred";
     }
     if (Param("mail_delivery_method") eq "smtp") {
         push @args, Server => Param("smtpserver");
+        if ($from) {
+            $ENV{'MAILADDRESS'} = $from;
+        }
     }
     my $mailer = new Mail::Mailer Param("mail_delivery_method"), @args;
     if (Param("mail_delivery_method") eq "testfile") {
-- 
cgit v1.2.3-24-g4f1b