메일보내기 발신자 위장 방지 및 암호화 키의 안전성 취약점 수정

bbs/formmail_send.php

@@ -40,6 +40,12 @@ if ($type) {
 else
     $mail_content = $content;
 
+// 환경설정에서 폼메일 사용 여부가 회원만 사용에 체크되어 있으면
+if ($config['cf_formmail_is_member']) {
+    $fnick = (isset($member['mb_nick']) && $member['mb_nick']) ? $member['mb_nick'] : $member['mb_name'];
+    $fmail = $member['mb_email'];
+}
+
 mailer($fnick, $fmail, $to, $subject, $mail_content, $type, $file);
 
 // 임시 첨부파일 삭제

install/install_db.php

@@ -158,7 +158,7 @@ if ($g5_install || $is_install === false) {
                     cf_theme = 'basic',
                     cf_admin = '$admin_id',
                     cf_admin_email = '$admin_email',
-                    cf_admin_email_name = '".G5_VERSION."',
+                    cf_admin_email_name = '".G5_VERSION.'_'.substr(base_convert(mt_rand(), 10, 36), 0, 6)."',
                     cf_use_point = '1',
                     cf_use_copy_log = '1',
                     cf_login_point = '100',

lib/common.lib.php

@@ -3959,10 +3959,16 @@ class str_encrypt
 
     function __construct($salt='')
     {
-        if(!$salt)
-            $this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr(G5_MYSQL_USER, -1), $_SERVER['SERVER_SOFTWARE'].$_SERVER['DOCUMENT_ROOT']));
-        else
+        global $config;
+        
+        if (!$salt) {
+            $config_hash = md5(serialize(array($config['cf_title'], $config['cf_theme'], $config['cf_admin_email_name'], $config['cf_login_point'], $config['cf_memo_send_point'])));
+            
+            //$this->salt = md5(preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT']));
+            $this->salt = hash('sha256', preg_replace('/[^0-9A-Za-z]/', substr($config_hash, -1), $_SERVER['SERVER_SOFTWARE'].$config_hash.$_SERVER['DOCUMENT_ROOT']));
+        } else {
             $this->salt = $salt;
+        }
 
         $this->length = strlen($this->salt);
     }