File php-CVE-2017-12933.patch of Package php5.10549

Index: php-7.0.7/ext/standard/var_unserializer.re
===================================================================
--- php-7.0.7.orig/ext/standard/var_unserializer.re	2017-09-04 17:06:13.334217005 +0200
+++ php-7.0.7/ext/standard/var_unserializer.re	2017-09-04 17:06:31.402535650 +0200
@@ -423,13 +423,12 @@ string_key:
 
 static inline int finish_nested_data(UNSERIALIZE_PARAMETER)
 {
-	if (*((*p)++) == '}')
-		return 1;
+       if (*p >= max || **p != '}') {
+               return 0;
+       }
 
-#if SOMETHING_NEW_MIGHT_LEAD_TO_CRASH_ENABLE_IF_YOU_ARE_BRAVE
-	zval_ptr_dtor(rval);
-#endif
-	return 0;
+       (*p)++;
+       return 1;
 }
 
 static inline int object_custom(UNSERIALIZE_PARAMETER, zend_class_entry *ce)

Places

File php-CVE-2017-12933.patch of Package php5.10549

Places