Overview

File php-CVE-2016-10397.patch of Package php5.6060

Index: php-5.5.14/ext/standard/url.c
===================================================================
--- php-5.5.14.orig/ext/standard/url.c	2017-07-20 17:54:04.797426667 +0200
+++ php-5.5.14/ext/standard/url.c	2017-07-20 17:54:13.809583263 +0200
@@ -214,28 +214,7 @@ PHPAPI php_url *php_url_parse_ex(char co
 		goto nohost;
 	}
 	
-	e = ue;
-	
-	if (!(p = memchr(s, '/', (ue - s)))) {
-		char *query, *fragment;
-
-		query = memchr(s, '?', (ue - s));
-		fragment = memchr(s, '#', (ue - s));
-
-		if (query && fragment) {
-			if (query > fragment) {
-				e = fragment;
-			} else {
-				e = query;
-			}
-		} else if (query) {
-			e = query;
-		} else if (fragment) {
-			e = fragment;
-		}
-	} else {
-		e = p;
-	}	
+	e = s + strcspn(s, "/?#");
 		
 	/* check for login and password */
 	if ((p = zend_memrchr(s, '@', (e-s)))) {
openSUSE Build Service is sponsored by
Places