From 54a3773623140ef349b24b128b92d27935e0590a Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 29 Apr 2021 20:29:00 +0000 Subject: [PATCH] External Libraries: Upgrade PHPMailer to version 6.4.1. Release notes: https://github.com/PHPMailer/PHPMailer/releases/tag/v6.4.1 For a full list of changes in this update, see the PHPMailer GitHub: https://github.com/PHPMailer/PHPMailer/compare/v6.4.0...v6.4.1 Props ayeshrajans. Fixes #53114. git-svn-id: https://develop.svn.wordpress.org/trunk@50799 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/PHPMailer/PHPMailer.php | 29 +++++++++++++++++++------ src/wp-includes/PHPMailer/SMTP.php | 2 +- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/src/wp-includes/PHPMailer/PHPMailer.php b/src/wp-includes/PHPMailer/PHPMailer.php index 8b27efc461..25818104e0 100644 --- a/src/wp-includes/PHPMailer/PHPMailer.php +++ b/src/wp-includes/PHPMailer/PHPMailer.php @@ -748,7 +748,7 @@ class PHPMailer * * @var string */ - const VERSION = '6.4.0'; + const VERSION = '6.4.1'; /** * Error severity: message only, continue processing. @@ -1723,9 +1723,10 @@ class PHPMailer fwrite($mail, $header); fwrite($mail, $body); $result = pclose($mail); + $addrinfo = static::parseAddresses($toAddr); $this->doCallback( ($result === 0), - [$toAddr], + [[$addrinfo['address'], $addrinfo['name']]], $this->cc, $this->bcc, $this->Subject, @@ -1812,7 +1813,8 @@ class PHPMailer */ protected static function isPermittedPath($path) { - return !preg_match('#^[a-z]+://#i', $path); + //Matches scheme definition from https://tools.ietf.org/html/rfc3986#section-3.1 + return !preg_match('#^[a-z][a-z\d+.-]*://#i', $path); } /** @@ -1824,12 +1826,15 @@ class PHPMailer */ protected static function fileIsAccessible($path) { + if (!static::isPermittedPath($path)) { + return false; + } $readable = file_exists($path); //If not a UNC path (expected to start with \\), check read permission, see #2069 if (strpos($path, '\\\\') !== 0) { $readable = $readable && is_readable($path); } - return static::isPermittedPath($path) && $readable; + return $readable; } /** @@ -1878,7 +1883,17 @@ class PHPMailer if ($this->SingleTo && count($toArr) > 1) { foreach ($toArr as $toAddr) { $result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params); - $this->doCallback($result, [$toAddr], $this->cc, $this->bcc, $this->Subject, $body, $this->From, []); + $addrinfo = static::parseAddresses($toAddr); + $this->doCallback( + $result, + [[$addrinfo['address'], $addrinfo['name']]], + $this->cc, + $this->bcc, + $this->Subject, + $body, + $this->From, + [] + ); } } else { $result = $this->mailPassthru($to, $this->Subject, $body, $header, $params); @@ -1967,7 +1982,7 @@ class PHPMailer $isSent = true; } - $callbacks[] = ['issent' => $isSent, 'to' => $to[0]]; + $callbacks[] = ['issent' => $isSent, 'to' => $to[0], 'name' => $to[1]]; } } @@ -1988,7 +2003,7 @@ class PHPMailer foreach ($callbacks as $cb) { $this->doCallback( $cb['issent'], - [$cb['to']], + [[$cb['to'], $cb['name']]], [], [], $this->Subject, diff --git a/src/wp-includes/PHPMailer/SMTP.php b/src/wp-includes/PHPMailer/SMTP.php index 9d85929ddf..0e7f53df50 100644 --- a/src/wp-includes/PHPMailer/SMTP.php +++ b/src/wp-includes/PHPMailer/SMTP.php @@ -35,7 +35,7 @@ class SMTP * * @var string */ - const VERSION = '6.4.0'; + const VERSION = '6.4.1'; /** * SMTP line break constant.