Overview

File php-CVE-2015-4602.patch of Package php5.14673

From: Stanislav Malyshev <stas@php.net>
Date: Mon, 23 Mar 2015 01:17:47 +0000 (-0700)
Subject: Check that the type is correct
X-Git-Tag: php-5.4.40~14^2~1
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=commitdiff_plain;h=fb83c76deec58f1fab17c350f04c9f042e5977d1

Check that the type is correct
---

--- ext/standard/incomplete_class.c
+++ ext/standard/incomplete_class.c
@@ -144,7 +144,7 @@ PHPAPI char *php_lookup_class_name(zval *object, zend_uint *nlen)
 
 	object_properties = Z_OBJPROP_P(object);
 
-	if (zend_hash_find(object_properties, MAGIC_MEMBER, sizeof(MAGIC_MEMBER), (void **) &val) == SUCCESS) {
+	if (zend_hash_find(object_properties, MAGIC_MEMBER, sizeof(MAGIC_MEMBER), (void **) &val) == SUCCESS && Z_TYPE_PP(val) == IS_STRING) {
 		retval = estrndup(Z_STRVAL_PP(val), Z_STRLEN_PP(val));
 
 		if (nlen) {
openSUSE Build Service is sponsored by
Places