File php7-CVE-2019-11043.patch of Package php7

X-Git-Url: http://208.43.231.11:8000/?p=php-src.git;a=blobdiff_plain;f=sapi%2Ffpm%2Ffpm%2Ffpm_main.c;h=dfc0d8f7413c1224017833d0bbb604721e9d2b8f;hp=483fabe9d8506513e0275694a2148a2d82084a33;hb=19e17d3807e6cc0b1ba9443ec5facbd33a61f8fe;hpb=12cca48ff67587e9aabaa41b80466cb9ff418d57

diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c
index 483fabe9d85..dfc0d8f7413 100644
--- a/sapi/fpm/fpm/fpm_main.c
+++ b/sapi/fpm/fpm/fpm_main.c
@@ -1148,8 +1148,8 @@ static void init_request_info(void)
 								path_info = script_path_translated + ptlen;
 								tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0));
 							} else {
-								path_info = env_path_info ? env_path_info + pilen - slen : NULL;
-								tflag = (orig_path_info != path_info);
+								path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL;
+								tflag = path_info && (orig_path_info != path_info);
 							}
 
 							if (tflag) {
openSUSE Build Service is sponsored by