From 7f3bdda29bf7123f1f2841c5483e30b5b22981ce Mon Sep 17 00:00:00 2001
From: "Christoph M. Becker" <cmbecker69@gmx.de>
Date: Fri, 16 Oct 2020 11:58:50 +0200
Subject: Properly fix #80220

The original fix for that bug[1] broke the formerly working composition
of message/rfc822 messages, which results in a segfault when freeing
the message body now.  While `imap_mail_compose()` does not really
support composition of meaningful message/rfc822 messages (although
libc-client appears to support that), some code may still use this to
compose partial messages, and using string manipulation to create the
final message.

The point is that libc-client expects `TYPEMESSAGE` with an explicit
subtype of `RFC822` to have a `nested.msg` (otherwise there will be a
segfault during free), but not to have any `contents.text.data` (this
will leak otherwise).

[1] <http://git.php.net/?p=php-src.git;a=commit;h=0d022ddf03c5fabaaa22e486d1e4a367ed9170a7>

Closes GH-6343.
---
 ext/imap/tests/bug80220.phpt | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 ext/imap/tests/bug80220.phpt

(limited to 'ext/imap/tests')

diff --git a/ext/imap/tests/bug80220.phpt b/ext/imap/tests/bug80220.phpt
new file mode 100644
index 0000000000..0d3e3eda9b
--- /dev/null
+++ b/ext/imap/tests/bug80220.phpt
@@ -0,0 +1,34 @@
+--TEST--
+Bug #80220 (imap_mail_compose() may leak memory) - message/rfc822 regression
+--SKIPIF--
+<?php
+if (!extension_loaded('imap')) die('skip imap extension not available');
+?>
+--FILE--
+<?php
+$bodies = [[
+    'type' => TYPEMESSAGE,
+    'subtype' => 'RFC822',
+], [
+    'contents.data' => 'asd',
+]];
+var_dump(imap_mail_compose([], $bodies));
+
+$bodies = [[
+    'type' => TYPEMESSAGE,
+], [
+    'contents.data' => 'asd',
+]];
+var_dump(imap_mail_compose([], $bodies));
+?>
+--EXPECT--
+string(53) "MIME-Version: 1.0
+Content-Type: MESSAGE/RFC822
+
+
+"
+string(53) "MIME-Version: 1.0
+Content-Type: MESSAGE/RFC822
+
+
+"
-- 
cgit v1.2.1