File php-CVE-2016-10712.patch of Package php5.11538
--- a/main/streams/memory.c
+++ b/main/streams/memory.c
@@ -682,7 +682,9 @@ static php_stream * php_stream_url_wrap_rfc2397(php_stream_wrapper *wrapper, cha
plen = sep - path;
vlen = (semi ? semi - sep : mlen - plen) - 1 /* '=' */;
key = estrndup(path, plen);
- add_assoc_stringl_ex(meta, key, plen + 1, sep + 1, vlen, 1);
+ if (plen != sizeof("mediatype")-1 || memcmp(key, "mediatype", sizeof("mediatype")-1)) {
+ add_assoc_stringl_ex(meta, key, plen + 1, sep + 1, vlen, 1);
+ }
efree(key);
plen += vlen + 1;
mlen -= plen;
--- a/ext/standard/streamsfuncs.c
+++ b/ext/standard/streamsfuncs.c
@@ -496,6 +496,12 @@ PHP_FUNCTION(stream_get_meta_data)
array_init(return_value);
+ if (!php_stream_populate_meta_data(stream, return_value)) {
+ add_assoc_bool(return_value, "timed_out", 0);
+ add_assoc_bool(return_value, "blocked", 1);
+ add_assoc_bool(return_value, "eof", php_stream_eof(stream));
+ }
+
if (stream->wrapperdata) {
MAKE_STD_ZVAL(newval);
MAKE_COPY_ZVAL(&stream->wrapperdata, newval);
@@ -531,12 +537,6 @@ PHP_FUNCTION(stream_get_meta_data)
add_assoc_string(return_value, "uri", stream->orig_path, 1);
}
- if (!php_stream_populate_meta_data(stream, return_value)) {
- add_assoc_bool(return_value, "timed_out", 0);
- add_assoc_bool(return_value, "blocked", 1);
- add_assoc_bool(return_value, "eof", php_stream_eof(stream));
- }
-
}
/* }}} */