Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Mailer] Fix string-cast of exceptions thrown by authenticator in EsmtpTransport #45338

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 8, 2022
Merged

[Mailer] Fix string-cast of exceptions thrown by authenticator in EsmtpTransport #45338

merged 1 commit into from
Feb 8, 2022

Conversation

wikando-ck
Copy link
Contributor

Q A
Branch? 4.4
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix #45308
License MIT

Replace an exception that was being cast to string with a call to getMessage().
This prevents information about the system leaking into the exception, (files/directories, stack trace).

Additionally (see https://symfony.com/releases):

I wasn't able to inject mocked authenticators, as they are instantiated in the constructor.
This makes unit testing very hard.
I was able to reproduce the problem with this test, but it will hit a real smtp server and should not be added to a testsuite.

   // EsmtpTransportTest.php
   
    public function testAuthExceptionContainsNoStackTrace()
    {
        $transport = new EsmtpTransport('smtp.ionos.de', 465, true);
        $transport->setUsername("test");
        $transport->setPassword("test");
        $message = new Message();
        $message->setHeaders(new Headers(
            new MailboxListHeader("From", [Address::create('[email protected]')]),
            new MailboxListHeader("To", [Address::create('[email protected]')]))
        );
        try {
            $transport->send($message);
            $this->fail("Expected TransportException");
        } catch (TransportExceptionInterface $e) {
            $this->assertStringNotContainsString("Stack trace:", $e->getMessage());
            $this->assertStringNotContainsString('Symfony\Component\Mailer\Transport\Smtp', $e->getMessage());
        }
    }

@carsonbot carsonbot added this to the 4.4 milestone Feb 7, 2022
@carsonbot
Copy link

Hey!

I see that this is your first PR. That is great! Welcome!

Symfony has a contribution guide which I suggest you to read.

In short:

  • Always add tests
  • Keep backward compatibility (see https://symfony.com/bc).
  • Bug fixes must be submitted against the lowest maintained branch where they apply (see https://symfony.com/releases)
  • Features and deprecations must be submitted against the 6.1 branch.

Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change.

When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor!
If this PR is merged in a lower version branch, it will be merged up to all maintained branches within a few days.

I am going to sit back now and wait for the reviews.

Cheers!

Carsonbot

@fabpot
Copy link
Member

fabpot commented Feb 8, 2022

Thank you @wikando-ck.

@fabpot fabpot merged commit a87485f into symfony:4.4 Feb 8, 2022
This was referenced Feb 28, 2022
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabpot fabpot fabpot approved these changes

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug Mailer Status: Reviewed
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
5 participants
@wikando-ck @carsonbot @fabpot @nicolas-grekas @chalasr