File php-CVE-2016-7130.patch of Package php7

Index: php-7.0.7/ext/wddx/wddx.c
===================================================================
--- php-7.0.7.orig/ext/wddx/wddx.c	2016-09-06 09:49:22.868053640 +0200
+++ php-7.0.7/ext/wddx/wddx.c	2016-09-06 09:54:12.408885755 +0200
@@ -891,7 +891,11 @@ static void php_wddx_pop_element(void *u
 			zend_string *new_str = php_base64_decode(
 				(unsigned char *)Z_STRVAL(ent1->data), Z_STRLEN(ent1->data));
 			zval_ptr_dtor(&ent1->data);
-			ZVAL_STR(&ent1->data, new_str);
+			if (new_str) {
+				ZVAL_STR(&ent1->data, new_str);
+			} else {
+				ZVAL_EMPTY_STRING(&ent1->data);
+			}
 		}
 
 		/* Call __wakeup() method on the object. */
openSUSE Build Service is sponsored by