fix: binary files as part are corrupted when stripping carriage returns

[pgmillon]

Q	A
Documentation	no
Bugfix	yes
BC Break	no
New Feature	no
RFC	no
QA	no

Description

When using a simple PNG binary as part of a message, the carriage return characters are ripped off, corrupting the binary.
Not ripping the carriage return characters have an impact in the parts splitting that was updated to use preg_match + PREG_OFFSET_CAPTURE as a replacement to strpos.
This was done the support either \r\n or \n with a regex rather than a more complex approach.
Working with a binary file highlighted the line feed that is added while reading each part, this was removed too a/ to avoid binary corruption and b/ a mime with no line feed shouldn't magically have one when reading.
A unit test was added to ensure further support of binaries.

[Ocramius]

Lacking the ability to evaluate this diff, will ask for a review by other maintainers

[Ocramius]

Same as above: changes to pre-existing test probably hiding a BC break 🤔

[pgmillon]

I understand your concern, but don't have a clear answer.
Ripping-off carriage returns is harmful to binaries but people might have built solutions of their own to mitigate it and this fix might break them.

[Ocramius]

TBH, if that's how things are, that would be an https://xkcd.com/1172/ :D

I just want a second review by somebody else, but if it's really like that, the bugfix is valid, and to be merged with the test changes too 👍

[Ocramius]

@pgmillon it's possible that this, being a bugfix, should go to 2.9.x

[pgmillon]

Hi,
I wasn't sure how you deal with bugfixes, sorry.
If you pull bugfixes from "legacy" branches into the main branch or if you "backport" from main into legacy branches.
I can update this PR for 2.9.x, as you prefer.

[Ocramius]

We merge up from oldstable branches to latest branches.

Since the last release is 2.9.1, I'd expect this to land in 2.9.2, therefore 2.9.x target branch.

We don't merge regular bugs into older branches, since they need to be security issues, in order to qualify for that :)

EDIT: I changed the base branch, but your commit will need to probably be cherry-picked on top of that, and then force-pushed here, so extraneous commits are gone.

[pgmillon]

Should be fine for 2.9.x now.

[pgmillon]

Wait, I just found another bug : if the message sender uses \r\n to generate the message rather than just \n, then the splitMime is not working correctly and leaving a lonely \r.

[pgmillon]

There we go : in my original fix I assumed sender's EOL was \n but when testing with a server that was using \r\n, I noticed the intend to prevent binaries corruption was not met because of a trailing \r.
I added a sender EOL detection to fix the parts splitting which now works fine with binaries.

[pgmillon]

Hi,
any chance to get that fix merged ? I'm waiting for it to cut a new release of a library I work on.
Thanks.

[weierophinney]

The changes make sense to me. While I have concerns about the test changes, your arguments for making them make sense, and the liklihood of breakage for users is limited to those who are already pre-processing parts on their own — which will primarily be limited to those trying to fix this very issue.

My main feedback is that I think you should make a few changes to make the "what" more clear: what you are capturing, what behavior you are testing, etc.

[weierophinney]

What does $matches[0][1] represent? Can you memoize it into a variable with a descriptive name, please?

[weierophinney]

Give this a better name: testBinaryPartsAreCreatedAndParsedWithoutLoss() or similar.