Merge #2587
2587: fix roundcube/sieve r=mergify[bot] a=nextgens ## What type of PR? bug-fix ## What does this PR do? Without this snuffleupagus is throwing a tantrum on ini_get(), when saving a sieve filter from roundcube. ``` [17-Dec-2022 13:44:08] WARNING: [pool php] child 21853 said into stderr: "NOTICE: PHP message: PHP Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Ab orted execution on call of the function 'ini_get', because its argument '$option' content (suhosin.request.max_vars) matched a rule in /var/www/roundcube/plugins/man agesieve/lib/Roundcube/rcube_sieve_engine.php on line 532" ``` ### Related issue(s) ## Prerequisites Before we can consider review and merge, please make sure the following list is done and checked. If an entry in not applicable, you can check it or remove it from the list. - [ ] In case of feature or enhancement: documentation updated accordingly - [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file. Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>main
commit
4315227215
@ -0,0 +1,47 @@
|
|||||||
|
--- plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
|
||||||
|
+++ plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
|
||||||
|
@@ -529,28 +529,13 @@
|
||||||
|
// get request size limits (#1488648)
|
||||||
|
$max_post = max([
|
||||||
|
ini_get('max_input_vars'),
|
||||||
|
- ini_get('suhosin.request.max_vars'),
|
||||||
|
- ini_get('suhosin.post.max_vars'),
|
||||||
|
]);
|
||||||
|
- $max_depth = max([
|
||||||
|
- ini_get('suhosin.request.max_array_depth'),
|
||||||
|
- ini_get('suhosin.post.max_array_depth'),
|
||||||
|
- ]);
|
||||||
|
|
||||||
|
// check request size limit
|
||||||
|
if ($max_post && count($_POST, COUNT_RECURSIVE) >= $max_post) {
|
||||||
|
rcube::raise_error([
|
||||||
|
'code' => 500, 'file' => __FILE__, 'line' => __LINE__,
|
||||||
|
'message' => "Request size limit exceeded (one of max_input_vars/suhosin.request.max_vars/suhosin.post.max_vars)"
|
||||||
|
- ], true, false
|
||||||
|
- );
|
||||||
|
- $this->rc->output->show_message('managesieve.filtersaveerror', 'error');
|
||||||
|
- }
|
||||||
|
- // check request depth limits
|
||||||
|
- else if ($max_depth && count($_POST['_header']) > $max_depth) {
|
||||||
|
- rcube::raise_error([
|
||||||
|
- 'code' => 500, 'file' => __FILE__, 'line' => __LINE__,
|
||||||
|
- 'message' => "Request size limit exceeded (one of suhosin.request.max_array_depth/suhosin.post.max_array_depth)"
|
||||||
|
], true, false
|
||||||
|
);
|
||||||
|
$this->rc->output->show_message('managesieve.filtersaveerror', 'error');
|
||||||
|
--- program/lib/Roundcube/bootstrap.php
|
||||||
|
+++ program/lib/Roundcube/bootstrap.php
|
||||||
|
@@ -32,13 +32,11 @@
|
||||||
|
// Some users are not using Installer, so we'll check some
|
||||||
|
// critical PHP settings here. Only these, which doesn't provide
|
||||||
|
// an error/warning in the logs later. See (#1486307).
|
||||||
|
- 'mbstring.func_overload' => 0,
|
||||||
|
];
|
||||||
|
|
||||||
|
// check these additional ini settings if not called via CLI
|
||||||
|
if (php_sapi_name() != 'cli') {
|
||||||
|
$config += [
|
||||||
|
- 'suhosin.session.encrypt' => false,
|
||||||
|
'file_uploads' => true,
|
||||||
|
'session.auto_start' => false,
|
||||||
|
'zlib.output_compression' => false,
|
Loading…
Reference in New Issue