fix GH-21, GH-22, GH-24 segfault in mailparse_msg_parse without mime-version

package.xml

@@ -49,6 +49,7 @@ It can deal with rfc822 and rfc2045 (MIME) compliant messages.
  <notes>
 - drop usage of removed mbfl APIs in PHP 8.3
 - fix GH-27 MimeMessage::__construct() throws TypeError with $mode=stream
+- fix GH-21, GH-22, GH-24 segfault in mailparse_msg_parse without mime-version
  </notes>
  <contents>
   <dir name="/">
@@ -90,6 +91,9 @@ It can deal with rfc822 and rfc2045 (MIME) compliant messages.
     <file name="bug75825.phpt" role="test" />
     <file name="bug81422.phpt" role="test" />
     <file name="gh19.phpt" role="test" />
+    <file name="gh21.phpt" role="test" />
+    <file name="gh22.phpt" role="test" />
+    <file name="gh24.phpt" role="test" />
     <file name="parse_test_messages.phpt" role="test" />
    </dir> <!-- //tests -->
    <file name="config.m4" role="src" />

php_mailparse_mime.c

@@ -612,7 +612,9 @@ static int php_mimepart_process_line(php_mimepart *workpart)
 
 			newpart = alloc_new_child_part(workpart, workpart->endpos + origcount, 1);
 			php_mimepart_update_positions(workpart, workpart->endpos + origcount, workpart->endpos + linelen, 1);
-			newpart->mime_version = estrdup(workpart->mime_version);
+			if (workpart->mime_version) {
+				newpart->mime_version = estrdup(workpart->mime_version);
+			}
 			newpart->parsedata.in_header = 1;
 			return SUCCESS;
 		}

tests/gh21.phpt

@@ -0,0 +1,70 @@
+--TEST--
+GH issue #21 (Segmentation fault with mailparse_msg_create())
+--SKIPIF--
+<?php
+if (!extension_loaded("mailparse")) die("skip mailparse extension not available");
+?>
+--FILE--
+<?php
+
+$data = <<<'EOF'
+Date: Wed, 29 Jun 2022 19:14:02 +0000
+To: dmarc-noreply@linkedin.com
+From: dmarc-noreply@linkedin.com
+Content-Type: multipart/report; report-type=feedback-report;
+    boundary="part1_boundary"
+
+--part1_boundary
+Content-Type: text/plain; charset="US-ASCII"
+Content-Transfer-Encoding: 7bit
+
+This is an email abuse report for an email message received from IP x.x.x.x on Wed, 29 Jun 2022 19:14:02 +0000.
+The message below did not meet the sending domain's dmarc policy.
+The message below could have been accepted or rejected depending on policy.
+For more information about this format please see http://tools.ietf.org/html/rfc6591 .
+
+--part1_boundary
+Content-Type: message/feedback-report
+
+Feedback-Type: auth-failure
+User-Agent: Lua/1.0
+Version: 1.0
+
+--part1_boundary
+Content-Type: message/rfc822
+Content-Disposition: inline
+
+Date: Wed, 29 Jun 2022 20:13:58 +0100
+From: "Example" <mail@example.com>
+To: "LinkedIn" <foo@bounce.linkedin.com>
+Content-Type: multipart/alternative;
+	boundary="part2_boundary"
+
+--part2_boundary
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: quoted-printable
+
+foo
+
+--part2_boundary
+Content-Type: text/html; charset=UTF-8
+Content-Transfer-Encoding: quoted-printable
+
+<html>foo</html>
+
+--part2_boundary--
+
+--part1_boundary--
+EOF;
+
+$resource = mailparse_msg_create();
+
+$r = mailparse_msg_parse($resource, $data);
+echo 'ok', PHP_EOL;
+
+mailparse_msg_free($resource);
+
+exit(0);
+?>
+--EXPECTF--
+ok

tests/gh22.phpt

@@ -0,0 +1,75 @@
+--TEST--
+GH issue #22 (Segmentation fault with mailparse_msg_create())
+--SKIPIF--
+<?php
+if (!extension_loaded("mailparse")) die("skip mailparse extension not available");
+?>
+--FILE--
+<?php
+
+$data = <<<'EOF'
+X-Original-To: plus@protonmail.dev
+Received: from mail-test.protonmail.dev (mail-test.protonmail.dev [74.125.82.50])
+ by mail9i.protonmail.dev for <test@protonmail.dev>; Mon, 30 Apr 2018 13:03:00 +0000 (UTC)
+To: ProtonMail Test <plus@protonmail.dev>
+Subject: Buggy message
+From: dummyaddress@domain.com
+Date: Tue, 02 Aug 2022 20:53:51 -0400
+MIME-Version: 1.0
+Content-Type: multipart/mixed;
+        boundary="MCBoundary=_12208022055093421"
+
+--MCBoundary=_12208022055093421
+Content-Type: multipart/related;
+        boundary="MCBoundary=_12208022055093431"
+
+--MCBoundary=_12208022055093431
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/html; charset=UTF-8
+
+hello part 1
+
+--MCBoundary=_12208022055093431--
+
+--MCBoundary=_12208022055093421
+Content-Type: message/rfc822;
+        name="a name"
+Content-Disposition: inline;
+        filename="a name"
+
+Message-Id: <attach-12208022055093351@localhost>
+Date: Tue, 02 Aug 2022 20:53:51 -0400
+From: some@one.com
+To: someone@protonmail.com
+Subject: a subject
+Content-Type: multipart/alternative;
+        boundary="MCBoundary=_12208022055093381"
+
+--MCBoundary=_12208022055093381
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: quoted-printable
+
+hello other part
+
+--MCBoundary=_12208022055093381
+Content-Type: text/html; charset=UTF-8
+Content-Transfer-Encoding: quoted-printable
+
+hello again
+
+--MCBoundary=_12208022055093381--
+
+--MCBoundary=_12208022055093421--
+EOF;
+
+$resource = mailparse_msg_create();
+
+$r = mailparse_msg_parse($resource, $data);
+echo 'ok', PHP_EOL;
+
+mailparse_msg_free($resource);
+
+exit(0);
+?>
+--EXPECTF--
+ok

tests/gh24.phpt

@@ -0,0 +1,39 @@
+--TEST--
+GH issue #24 (Segmentation fault with mailparse_msg_create())
+--SKIPIF--
+<?php
+if (!extension_loaded("mailparse")) die("skip mailparse extension not available");
+?>
+--FILE--
+<?php
+
+$data = <<<'EML'
+Content-Type: multipart/mixed;
+        boundary="MCBoundary=_12210121514003461"
+
+--MCBoundary=_12210121514003461
+Content-Type: message/rfc822
+
+Content-Type: multipart/alternative;
+        boundary="MCBoundary=_12210121514003451"
+
+--MCBoundary=_12210121514003451
+Content-Type: text/plain;
+
+content
+
+--MCBoundary=_12210121514003451--
+
+--MCBoundary=_12210121514003461--
+EML;
+
+$resource = mailparse_msg_create();
+
+$r = @mailparse_msg_parse($resource, $data);
+echo 'ok', PHP_EOL;
+
+mailparse_msg_free($resource);
+exit(0);
+?>
+--EXPECTF--
+ok